I do not like the two factor authentication currently required of me on signin. I am an administrator. The double (or you could say triple) is upon signing in - first: name and password, second: click the "I am not a robot" box, third: identify crosswalks or bicycles or whatever. Are all of our members seeing this? It is over and above what is needed!
I think if the user selects "Remember Me" when logging in, the CAPTCHA is not activated the next time they log in.
2FA will be applied to administrators only, not members. And we will make sure that we don't require it too often (not on every login) - either when the administrator changes the browser or IP session, or the session expires.
We understand that all these security measures are a big pain, but they're required to make Wild Apricot safer.
Rick K commented
All of our members HATE 2FA. Make it an option in SETTINGS.
Jay Talbott commented
I agree 100% with this.
Also, we DON'T need two factor authentication (2FA). This NEEDS to be made optional.
It is like a locksmith telling me I need three locks on my house, whether I want it or not.
MAKE 2FA OPTIONAL !
We have four administrators and I DO NOT want the 2FA to go to one administrator only.
This issue is enough to make me find a replacement for Wild Apricot.