2fast-team/2fast

[Feature] Allow Protected Content Windows to be Disabled (Temporarily)

Opened this issue · 1 comments

Describe the problem this feature would solve

We currently use 2Fast on Windows for users who do not have access to a mobile device, allowing them to access MFA-protected systems. However, supporting users with setup issues or difficulties generating valid tokens/signing in has become challenging. This is due to the inability to view 2Fast through remote access programs or screenshots.

As a result, resolving these issues is often delayed, leaving users unable to access essential systems. In some cases, we have had to revoke all MFA sessions to set the user up with another 2Fast app, further complicating the process.

By allowing Protected Content Windows to be temporarily disabled by the user, would allow us to effectively troubleshoot any issues they have.

Describe the solution

The solution I propose would be a toggle switch within 2Fast that allows Protected Content Windows to be disabled (or reenabled again) by the user. When the user closes the program, the setting is reenabled, so that privacy is maintained for future sessions.

This would allow for us to be able to troubleshoot any issues by being able to view what the user can see.

Describe alternatives you've considered

If Protected Content Windows is not able to be updated immediately (i.e. with 2Fast running), due to it running within the OS, then alternative methods would need to be employed:

  • Allow this feature to be disabled entirely (however, presenting a privacy trade-off)
  • Research and implement alternative methods to prevent screen captures (such as DWM) that allow toggling.

Additional context & Screenshots

I am happy to research methods to make this work, after looking at the codebase, if this is seen to be a useful feature.

In addition to Feature #116, I feel like 2Fast would remain privacy orientated, whilst being a lot more useful for users.

By allowing Protected Content Windows to be temporarily disabled by the user, would allow us to effectively troubleshoot any issues they have.

It is currently possible to temporarily deactivate protection for screen recordings: https://github.com/2fast-team/2fast/wiki/Disable-the-screen-capture-protection-(not-permanent)

An interaction for temporary deactivation via a button in the application would also be an option that could be added in the future.