I’m using a GitLab Free account. I continually get a message to verify my identity via an email message anytime I open the GitLab window in my browser. (Safari on a Mac usually but occasionally Firefox on a Windows machine) This happens every singe day, and often multiple times during the day. I have clicked on remember me (both boxes) every time. I do not have 2FA on.
The issue with this is that I access Gitlab on 3 different machines and am not always in the same location. My email is POP and only on one machine in my office. When I am not in the office I do not have access to it. Yet I need to access and use my GitLab account when out in the field.
Is there any way to turn off the irritating re-verification process? I trust that I have a secure password so I am ok with the risks of not having a second verification every time I log in.
As per the blog: GitLab account security: Verify your information for enhanced protection
No you cannot, if you don’t want to do email verification every time, set up 2FA so that you can use your phone, Yubikey, etc as a 2FA method. Whilst you know your password is secure, Gitlab the application doesn’t.
As explained in the blog, it is forced and you cannot disable it. Alternatively, change your email associated with your account to one that you have that is accessible when you are not near your office computer. Like gmail, protonmail or whatever. If that isn’t an option, then you must add a 2FA option.
May be worth checking your cookie settings, you will get logged out whenever the cookies are cleared. I have GitLab cookies as “never clear” and am logged in for weeks at a time (pretty much only re-login on browser upgrade). I don’t have 2FA theatre enabled.
No options to set cookie settings in Safari other than to clear them or block or not block them. But as discussed above this is considered a “feature” not a bug and won’t be changed.