Differences

This shows you the differences between two versions of the page.

--- manuals:vps:users [2017/02/12 14:13] – created Aither
+++ manuals:vps:users [2019/05/17 17:06] – Add 2fa Aither
@@ Line 30: / Line 30: @@
 {{navody:vps:user_mail_templates.png?300|}}
+===== Two-factor authentication (2FA) =====
+Two-factor authentication for vpsAdmin using
+[[wp>Time-based One-time Password algorithm|TOTP]]
+can be optionally enabled. You then need both the password and TOTP to log in.
+When enabled, the two-factor authentication is mandatory for access to
+your account: in the web interface, using [[manuals:vps:api|API]] and
+[[manuals:vps:api#cli|vpsfreectl]]. Only the
+[[manuals:vps:api#authentication|token authentication]] can be used, HTTP basic
+will cease to work. At this time, it is not possible to log in to this
+knowledge base with 2FA, because our
+[[https://github.com/vpsfreecz/haveapi-dokuwiki|plugin]] does not support
+it (pull requests are welcome).
+FA can be enabled in profile settings (vpsAdmin -> Edit profile).
+{{:navody:vps:2faformular.png?200|}}
+You can setup TOTP e.g. on your mobile phone using applications like
+[[https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2|Google Authenticator]]
+or [[https://freeotp.github.io|FreeOTP]].
+vpsAdmin will show you a QR code which you scan into the application. The 2FA
+activation is then confirmed when you enter the one-time password that the
+application will show you. Alternatively, instead of scanning the QR code,
+you can enter the secret key manually.
+{{:navody:vps:qrcode.png?300|}}
+Once activated, you will be given a recovery code. This code can be used when
+you lose access to your authentication device. Do not save this code together
+with your vpsAdmin password. If you lose both the authentication device and
+the recovery code, you will have to contact our support to recover your account.
 ===== Authentication tokens =====

Knowledge base

User Tools

Site Tools

Differences

Page Tools