Supabase
Multi-Factor Authentication for Admin Panel [Dashboard] #12761
Replies: 7 comments 5 replies
-
|
This seems like pretty serious vulnerability that will prohibit many users from being able to adopt the platform. |
Beta Was this translation helpful? Give feedback.
-
|
Hey @dschnabel, @BigDarkAkula Thanks for our feedback! Adding MFA to our platform is on our roadmap - do stay tuned! Jo |
Beta Was this translation helpful? Give feedback.
-
|
Any updates on this? This seems really important. Thanks! |
Beta Was this translation helpful? Give feedback.
-
|
Same boat -- our team is hoping to deploy a product with Supabase under the hood, but this gives us pause. |
Beta Was this translation helpful? Give feedback.
-
|
Would self hosting be the alternative here to make sure your supabase instance secure from a brute force or some other type of attack? I REALLY don't want to do that. It would be really nice to know what the time horizon looks like to implement this type of functionality. |
Beta Was this translation helpful? Give feedback.
-
|
Hi @J0, is there an update on 2MFA for the admin dashboard? That's a significant roadblock for us. |
Beta Was this translation helpful? Give feedback.
-
|
Agree - nothing secure can be hosted on supabase when no data hosted here has mfa protection... I'd like to see MFA and IP restrictions on the admin panel. |
Beta Was this translation helpful? Give feedback.
-
|
Would pay for this! The lack of this feature is currently a dealbreaker for using Supabase for client projects 😞 |
Beta Was this translation helpful? Give feedback.
-
|
Please add this feature, this is really a big vulnerability! |
Beta Was this translation helpful? Give feedback.
-
|
@J0 any progress on this? |
Beta Was this translation helpful? Give feedback.
-
|
According to @awalias it's on the way.. |
Beta Was this translation helpful? Give feedback.
-
|
Hey all, Thanks for waiting - MFA is available on the dashboard now. Do read the docs around it here. You can enroll an MFA (TOTP) factor on the security page Going to close the thread but we will continue to take feedback in this discussion thread. Alternatively, feel free to open a separate thread as well. Thanks! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Update: this is now implemented and available on supabase.com
It seems that MFA is currently not possible for the admin panel (https://app.supabase.com/), only for projects. Securing the admin panel with MFA seems like an important feature to have, since an attacker could gain access to all the admin's projects and users data.
Are there any plans to add MFA to the admin panel?
Beta Was this translation helpful? Give feedback.
All reactions