# Email notification for all new logins
### Problem to solve

Without requiring multi-factor authentication for accounts, user accounts without MFA configured are susceptible to credential stuffing and brute force attacks. We can improve response to incidents and encourage MFA use through automated email alerts whenever a successful login occurs.

### Target audience

This is really for all users, but using Sam as the requester of this feature.

- Sam, Security Analyst, https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas#sam-security-analyst

### Proposal

Suggested text:

```
Dear <user>

A new login to your account has been made from <IP>. If you recently logged in and recognize the logged in location, you may disregard this email.

If you did not recently log in, you should immediately change your password: <link and instructions to password change>. Passwords should be unique and not used for any other sites or services.

<If no MFA enabled>
To further protect your account, consider configuring a multi-factor authentication method <link to 2fa instructions>.
```

### Permissions and Security

The notification email should go to the email address configured as the user's notification email address.

### Documentation

If these notifications are configurable per user or instance, that will need to be documented, but there is value in doing this for all logins as the MVC.

### What does success look like, and how can we measure that?

The impact of accounts compromised due to a leaked or stolen password is reduced: less time elapses before the compromise is reported by the user, and support and security teams are able to investigate sooner and more effectively.

### Availability & Testing

<!-- This section needs to be retained and filled in during the workflow planning breakdown phase of this feature proposal, if not earlier.

What risks does this change pose to our availability? How might it affect the quality of the product? What additional test coverage or changes to tests will be needed? Will it require cross-browser testing?

Please list the test areas (unit, integration and end-to-end) that need to be added or updated to ensure that this feature will work as intended. Please use the list below as guidance.
* Unit test changes
* Integration test changes
* End-to-end test change

See the test engineering planning process and reach out to your counterpart Software Engineer in Test for assistance: https://about.gitlab.com/handbook/engineering/quality/test-engineering/#test-planning -->

**What risks does this change pose to our availability?**

This feature is low risk to GitLab.com's availability.

**How might it affect the quality of the product?**

This will improve the product's security and therefore its overall quality.

**What additional test coverage or changes to tests will be needed?**

Ensure that email is sent on:

- New login from a new IP address and a new client

Ensure that email is NOT sent on:

- New login from a previously used IP address and a previously used client
- New login from a previously used IP address but a new client
- New login from a new IP address but a previously used client
- New login from a previously used IP and device but a new client
- New impersonation session

**Will it require cross-browser testing?**

This will not be necessary, as the core functionality being added in this issue is not FE heavy. All tests can be covered at unit and feature level. No new end-to-end tests should be needed.

### Links / references
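The acceptance criteria in the testing section above, as an added Ruby example that is not GitLab's own code: a notifier that triggers the email only when both the IP and the client are new for the user and never for an impersonation session, plus a renderer for the proposed text with its conditional MFA paragraph. `LoginEvent`, `LoginNotifier`, `login_email` and the URLs are assumptions made for this illustration.

```ruby
require 'set'

# Constructed login record for the illustration (not GitLab's model).
LoginEvent = Struct.new(:user, :ip, :client, :impersonation, keyword_init: true)

class LoginNotifier
  def initialize
    # Per-user history of IPs and clients seen on earlier successful logins.
    @seen_ips = Hash.new { |h, k| h[k] = Set.new }
    @seen_clients = Hash.new { |h, k| h[k] = Set.new }
  end

  # Email only when BOTH the IP and the client are unseen for this user,
  # and never for an impersonation session (matches the test matrix above).
  def notify?(event)
    return false if event.impersonation
    !@seen_ips[event.user].include?(event.ip) &&
      !@seen_clients[event.user].include?(event.client)
  end

  # Records the login in the user's history (impersonation sessions are not
  # recorded, so an admin's IP never becomes "known" for the user).
  def record(event)
    send_mail = notify?(event)
    unless event.impersonation
      @seen_ips[event.user] << event.ip
      @seen_clients[event.user] << event.client
    end
    send_mail
  end
end

# Renders the proposal's suggested text; the MFA paragraph is appended only
# when the account has no second factor configured.
def login_email(user, ip, mfa_enabled:, password_url:, two_fa_url:)
  body = <<~MAIL
    Dear #{user}

    A new login to your account has been made from #{ip}. If you recently
    logged in and recognize the logged in location, you may disregard this email.

    If you did not recently log in, you should immediately change your password:
    #{password_url}. Passwords should be unique and not used for any other
    sites or services.
  MAIL
  return body if mfa_enabled
  body + "\nTo further protect your account, consider configuring a " \
         "multi-factor authentication method: #{two_fa_url}\n"
end
```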