Actions
Feature #14222
open
Add additional checks to admin account when disabling - Prevent lockouts
Status:
New
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Description
Currently on a fresh copy of pfSense and only an admin account I am able to disable this 'admin' account. This is a problem and I would give 2 suggestions:
- Don't allow an admin account to be disabled when there are no other admin accounts.
- Pop-up a Modal when Disabled is checked with a message like 'There are no other administrator accounts present on this router. Are you sure you want to continue? YES/NO
I am aware you can regain access via the console if needed but I don't know how this plays into the security model and lockouts as outlined above.
No data to display
Actions