Home› Welcome to the FamilySearch Community!› Blog Comments EN

The Importance of Security at FamilySearch

System
System admin
May 12 edited May 12 in Blog Comments EN
imageThe Importance of Security at FamilySearch

At FamilySearch, the security of our users' personal information is our top priority. In an increasingly digital world, safeguarding sensitive data is crucial.

Read the full story here

0

Comments

  • RasmussenDavidE1
    RasmussenDavidE1 ✭
    May 12

    I think rather than worrying about MFA, which almost no one will use unless it is mandatory, you should work towards implementing WebAuthn based passkeys. As a missionary at a FamilySearch center I frequently help people who have forgotten their password to recover their FamilySearch account. The process sends a message to their phone or email, which they interact with on their phone. This establishes that they have their phone and can read messages or email. An additional MFA step does not make the interaction any more secure and is just an annoyance.

    On the other hand, passkeys can allow the phone to authenticate the user via biometrics or the phone-unlock passcode which they remember because they use it daily. To authenticate them on a PC, the FamilySearch login could present a QR code and authenticate them using CTAP. The user doesn't need to remember a cryptographically secure password (most passwords aren't anyway). This would encourage them to use FamilySearch more often because signing in would be easy.

    0
  • Susie Carlson
    Susie Carlson mod
    June 1

    RasmussenDavidE1 Thank you for your suggestion. We have passed this along to the team.

    0
Clear
No Groups Found

Categories

  • All Categories
  • 43K Ask a Question
  • 3.4K General Questions
  • 571 FamilySearch Center
  • 6.8K Get Involved/Indexing
  • 644 FamilySearch Account
  • 6.5K Family Tree
  • 5.2K Search
  • 1K Memories
  • 2 Suggest an Idea
  • 476 Other Languages
  • 62 Community News
  • Groups