Store Email 2FA Codes Outside of Redis
Goal
Following our recent incident with 2FA codes failing to be understood as valid, we should investigate alternative ways to store 2FA codes for validation.
What needs to be done
Prior to starting work on this issue, we should first identity where we want to store the codes and how we want to retrieve them. After this, we can make the changes to engine.
QA
- Ensure email two factor codes still send
Acceptance Criteria
-
Store the two factor secret part in Cassandra instead of Redis -
Spec tests -
Cassandra schema AND TTL support
Definition of Ready Checklist
-
Definition Of Done (DoD) -
Acceptance criteria -
Weighted -
QA
Edited by Mark Harding