stages/authenticator_sms: verify-only (#3011)

2022-06-01 23:16:28 +02:00
parent fc1c1a849a
commit c0cb891078
22 changed files with 372 additions and 42 deletions
--- a/website/docs/releases/v2022.6.md
+++ b/website/docs/releases/v2022.6.md
@ -19,6 +19,10 @@ slug: "2022.6"

    Last MFA validation is now saved in a signed cookie, which changes the behavior so that only the current browser is affected by MFA validation, and an attacker cannot exploit the fact that a user has recently authenticated with MFA.

+-   Verification-only SMS Devices
+
+    SMS authenticator stages can now be configured to hash the phone number. This is useful if you want to require your users to configure and confirm their phone numbers, without saving them in a readable-format.
+
 ## Minor changes/fixes

 ## Upgrading