Multi-factor authentication required by group - make it more robust
After a research we have done for https://gitlab.com/gitlab-org/gitlab/-/issues/326540#note_543463360 we discovered some of the users (that were invited to the gitlab group before some code changes) were not flagged properly.
This sparked a discussion between @lmcandrew and myself about: what else can we do to check MFA enforcement for group
.
We were talking about additional check before entering anything in group namespace (but what about dashboards then?). I wonder if any of you have some thoughts about it.
@gitlab-org/manage/access/backend @mushakov