Allow auto-save password if 2FA used

LDS Account is the primary user account (user name and password) for accessing online Church resources. This forum is a space to discuss all things related to LDS Account (registration, account recovery, user experience, vulnerabilities, etc.).
ScottDRichards
New Member
Posts: 1
Joined: Thu Jan 19, 2017 5:15 pm

Allow auto-save password if 2FA used

Postby ScottDRichards » Thu Jul 06, 2017 12:18 pm

I didn't want to resurrect another thread https://tech.lds.org/forum/viewtopic.php?f=30&t=13147 but I think disallowing password saving should be reconsidered. My mom just chose a very secure password for her account and typing it in on the phone browser every time she wants to log in it is a pain (taking 4 or 5 tries). This has presented me with a few solutions: tell her to use an short simple password, set her up with lasspass, or just forgo using the website on mobile. I think that using 2-factor authentication should assuage any fears of sensitive data being accessible to other people. E.g., a computer that is accessed by a stake president and a ward member. Whenever sensitive data is requested, the website can immediately invalidate the session and re prompt for the 2FA token for an elevated session.

Alternatively, you can have users log in every month with their full password, and then use a PIN during the month to login.

Return to “LDS Account”

Who is online

Users browsing this forum: No registered users and 1 guest