Check if second factor is U2F

Description

Contributor guide

Tech stack

javascriptaws

Domain

securityauthentication

Issue type

feature

DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.

3

Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.

half day

Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.

stale

ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.

mostly clear

Prerequisites

understanding AWS IAMknowledge of U2Ffamiliarity with CloudMapper codebaseJavaScript basics

Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.

45

Research direction

Investigate how CloudMapper currently handles multi factor authentication (MFA) by reviewing the codebase for any existing MFA checks. Look at the AWS IAM module to understand how user data is retrieved and where the MFA device type is accessed. The issue requires adding a check that the second factor is U2F rather than TOTP. Also, consider the note that U2F cannot be used from the command line, so the enforcement should exclude users who rely on access keys only. Relevant files may include commands related to security analysis or IAM user reports.