DO Ideas 2

Add digitalocean account security by IP

Create the ability to whitelist IPs that are able to login to digitalocean. If you login from an unknown IP send an email to reject or deny access.

  • Keith
  • Sep 11 2018
  • Will not implement
  • Sep 11, 2018

    Admin Response

    We looked into creating white lists of IPs for access but instead opted to provide two factor auth as an added layer of security for logins. https://www.digitalocean.com/company/blog/introducing-two-factor-authentication/ Thanks, Moisey
  • Attach files
  • Kerry commented
    September 11, 2018 18:58

    Where does this stand now? It seems every time I login from a new computer it voids the old IP.. ? I rotate between 3 computers frequently, would be nice if trusted IP's/ logins could be bumped up just a bit.

  • Yes commented
    September 11, 2018 18:58

    2FA creates a single point of failure. By giving the user the ability to white list only their IP (Static) then you can rest easy knowing that the account is only accessible from a few locations. I need this for four locations all of which I have proof that we have static IPs.

    Any customer that wants white-listing enabled, must prove from their ISP or their profile must have a consistent three to six month login from the same IP(s) that they have static IPs. DHCP IPs will only cause more support tickets.

  • Moisey Uretsky commented
    September 11, 2018 18:58

    Great suggestion and we will certainly add it to the consideration list as we begin to review the public access that users have to their accounts and what steps we can do to add layers of security to that.

    Moving this to planned for discussion.