Which UI do you use?

Custom UI

Pre built UI

Allow opening login urls on new devices

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:

proposed

Deciders:

rishabhpoddar, porcellus

Proposed by:

porcellus

Created:

2022-10-25

Context and Problem Statement

We need to decide if we want to allow logging in by opening links sent by email on a new device/browser (not the one that started the login process). The intended flow is to open the url on the device that started the login process.

Considered Options

• Disallow
• Allow
• Allow - require interaction
• Allow - show info about the user on the FE and require interaction

Decision Outcome

We've decided to allow sign in after the user is shown a screen where they can see the user they are logging into.

Pros and Cons of the Options

Disallow

Simple to explain/communicate

Other providers do this

Blocks the attack vector of forwarding/crafting a login link

We'd be removing functionality

Allow

Keeps current functionality

URL scanners of email servers/providers may open and (sometimes) consume the link

An attacker could forward (or craft) a login link and trick a user into logging into their account (and steal their data)

Allow - require interaction

Keeps current functionality

Requiring a button click blocks url scanners from consuming the link

An attacker could forward (or craft) a login link and trick a user into logging into their account (and steal their data)

Allow - show info about the user on the FE and require interaction

Keeps current functionality

Requiring a button click blocks url scanners from consuming the link

The user can see the user they are logging into (email/phone number)

We need to validate/fetch user information on the FE

Still a possible vector for spear-phising