2FA Security of Account

This is related to the current offering of 2FA within Icedrive, and from what I’ve read on this forum, same issues has been highlighted for number of months!

2FA is very important part of account security and as such I would hope it works, or at least better than current.

My issues:

  1. You can only setup one method of 2FA.
  2. FIDO/U2F does not work, API has not been updated to allow with new browsers, this is available and could be fixed.

1. Allow more than one method of 2FA to be setup and active.
2. 1. If someone loses there phone / access to authenticator etc or just does not have it to hand, they should be able to use FIDO or SMS.
3. If you have FIDO/U2F, then there needs to be option to have more than one key registered.
4. Need ability to have two-factor authentication recovery codes

As this is to do with account security, can we have some meaningful reply on when this will be fixed please ?


For the reasons you’ve given Icedrive is not a credible product. I tried engaging with them but clearly they either don’t understand or don’t have the resources to fix.

1 Like

I’ve given them the link to the updated API for sorting out FIDO/U2F for Yubikeys, so fingers crossed they will fix that quickly. But is pointless fixing if they also do not support more than one key, more than one 2FA and recovery keys. Too risky otherwise.

I’ve got remainder of month to see what happens, but can’t stay if the account security is not there.

2FA this morning not working with SMS in the UK. Fortunately I was still logged in on another device and managed to disable it.

Add it to the list of faults that never appear to get fixed!

Very lucky there, to be still logged in on other device.

They did reply to a ticket of mine stating looking at 2FA for a future update, but then they said it would be in “next few months”. Not good, something like 2FA can be fixed faster and released, do not need to wait for other features. Fix the security of account first, that is the important part.


To Admin…
Can we have a reply on “when” we will see the 2FA fixed / improved.?

Does not take long to fix this security issue, why not fix and release rather than hold back to some bigger update !