Build 3.7.8178

New Features

Two-Factor Authentication (2FA) for Non-SSO Users 

We are introducing Two-Factor Authentication (2FA) using standard time-based authenticator apps (e.g., Google Authenticator, Authy) for all password-based accounts. 

Administrators can configure 2FA on a per-workspace basis with three distinct modes: “Optional”, “At next login” (prompts users without immediately disrupting active sessions), and "Enforced immediately" (blocks access to the workspace until 2FA is configured).

2FA configuration is tied to the user account globally, meaning users only need to configure it once to access multiple workspaces.

Important Notes:

• This feature exclusively targets non-SSO users. Users logging in via SSO are logged in using their Identity Provider, which handles authentication.
• Users will be prompted to generate and save backup codes during the 2FA setup process. Using a backup code to recover an account will invalidate the current 2FA setup, requiring the user to re-enroll.
• 2FA setup is available via Desktop and Web clients. The login verification prompt is supported across Desktop, Web, and Mobile.

Password Reset 

We are introducing a self-service password reset flow for users who are not Owners of the workspace and who have lost or don't have access to both their password and backup identity.

Important Notes:

• Pending State & Re-invitation: Upon completing a password reset, the user is placed into a "pending" state for their respective workspaces. Workspace admins will receive an email notifying them to resend a workspace invite link, so the user can restore access. 
• Persistent Links: If the user retained their original workspace invite link, they can simply click it again to gain access without waiting for the admin.
• Owner Restrictions: To prevent accidental loss of the workspace access, Workspace Owners cannot utilize this self-serve reset flow and must contact support for assistance.