2FA: Difference between revisions

From VoIPmonitor.org
Jump to navigation Jump to search
(Created page with "== Two Factor Authentication (2FA) == It's possible to use 2FA from GUI's version 20. Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are tim...")
 
 
(One intermediate revision by the same user not shown)
Line 3: Line 3:
It's possible to use 2FA from GUI's version 20.
It's possible to use 2FA from GUI's version 20.


Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are time limited.
 
=== Required ===
Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are time limited. (install ntp service there)


=== Settings in the GUI ===
=== Settings in the GUI ===


* user with admin permissions can activate 2FA's requirement for concrete user (in GUI->Users & Audit). When this user logs after this setting, then 2fa setup is required.
* user with admin permissions can activate 2FA's requirement for any user (in GUI->Users & Audit). When its enabled, the 2fa setup is required.
* admin user can delete actual 2FA secret from user's account (in GUI->Users & Audit)
* admin user can delete actual 2FA secret from user's account (in GUI->Users & Audit)
* user can change/setup its 2FA secret in the section GUI->User settings->Change user auth. This option joins the password and the 2FA setting.
* user can change/setup its 2FA secret in the section GUI->User settings->Change user auth. This option joins the password and the 2FA setting.
Line 25: Line 27:
=== Problem solving ===
=== Problem solving ===


* manual disabling of 2FA authentication for concrete user can be done directly in the database
* You can disable 2FA authentication for any user inside database with following query
  update users set secret = null, req_2fa = 0 where username = 'USER';
  mysql> update users set secret = null, req_2fa = 0 where username = 'USER';

Latest revision as of 17:41, 29 June 2018

Two Factor Authentication (2FA)

It's possible to use 2FA from GUI's version 20.


Required

Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are time limited. (install ntp service there)

Settings in the GUI

  • user with admin permissions can activate 2FA's requirement for any user (in GUI->Users & Audit). When its enabled, the 2fa setup is required.
  • admin user can delete actual 2FA secret from user's account (in GUI->Users & Audit)
  • user can change/setup its 2FA secret in the section GUI->User settings->Change user auth. This option joins the password and the 2FA setting.
    • follow the setup dialog

Setting of the 2FA code generator

you can use various 2FA applications:

Import account setting from QR code into yours application and start to use it.

Problem solving

  • You can disable 2FA authentication for any user inside database with following query
mysql> update users set secret = null, req_2fa = 0 where username = 'USER';