Authentication log shows very little detail, not very useful
Gitlab offers the ability to enable 2-factor authentication to make the user account more secure. However, reviewing security when logging in, is close to impossible.
The "Authentication log" currently only shows Signed in with two-factor authentication 17 minutes ago. There is no additional information that enables a user to review, e.g. from which IP address the login was initiated. As a single user you might be able to correlate login activities for as far as you can remember, assuming that you do not log in multiple times on the same day. Other than that, the "Authentication log" offers little valuable information.
For example, my Authentication log reports:
Signed in with two-factor authentication 2 days ago
Signed in with authentication 2 days ago
Signed in with two-factor authentication 2 days agoIt isn't clear to me why there are 2 two-factor authn and 1 authn logins. I also do not remember logging in 3 times, and it isn't clear for me if this means 1, 2 or 3 log-ins have been registered.
I believe there are some low-hanging fruit possibilities for improving the reporting of the "Authentication log" page.
- a way to match log-in locations
- what's the meaning of the "key" icon prefixed in some entries?