Inactive 2FA report should utilize local and global equivalent domains

Inactive 2FA report should utilize local and global equivalent domains

Feature function

  • What will this feature do differently?

Right now hosts in the URI are passed to inactive 2FA reports.

I have a login for sonyentertainmentnetwork.com that lacks TOTP. This does not match anything in 2fa.directory.

Bitwarden already has a global domain equivalency pairing sonyentertainmentnetwork.com and playstation.com

The URI host playstation.com has a 2fa.directory entry. It would generate a recommendation.

The platform should leverage the equivalent domains.

  • What benefits will this feature bring?

I’m certain other users are missing recommendations.

Hi @tendervittles and welcome to the community.

I really like the idea of using the equivalent domains and this will result in better reports.

The 2fa.directory does support the field additional-domains. This field can be used to add the equivalent domains on the 2fa.directory directly, which everyone who uses that listing would benefit from. We currently also use that field in the reports as long as it is filled.

Would that be feasible to add it the equivalent domains there instead?

I haven’t looked deep into their contribution guidelines, but if you’d like to start adding them, I’d suggest keeping the PR’s small, as that makes it easier to review and is more likely to get merged.

Also thank you for your other 2fa-related PR :+1: I’ll add that to our internal board for review.

Kind regards,
Daniel

@djsmith85

Thanks for the suggestion.

I wasn’t aware of the additional-domains field.

I’ll take a look at that this week.

1 Like