Add Hurricane Electric caveats

[stacksjb]

Hurricane Electric only supports 2fa for their IPv6 tunnels. They do not support if for their DNS service.

EDIT: See bottom post: IPv6 Tunnels = tunnelbroker.net, not ipv6.he.net which shares login with dns.he.net. Both support it but must be set up separately.

[mxxcon]

Are they 2 different accounts?

[stacksjb]

No, you can utilize the same login/account for all services; but if you log into DNS you will not be prompted for 2fa, even if you have it setup on IPv6 (where it will prompt you)

DNS records are definitely something worth protecting so not sure why they don't support it there.

[mxxcon]

do you mind making a pull request to add that exception? and/or contact their support to confirm if that's intentional? maybe it's a bug they are not aware of.

[NathanielMaier]

I just tried this and was prompted for 2FA on both sites. I logged into https://ipv6.he.net, enabled 2FA, logged out of that site, back in (required 2FA); then logged into https://dns.he.net, which also required 2FA. Maybe HE fixed this issue already.

[mxxcon]

@stacksjb can you confirm this?

[stacksjb]

I will have to contact them - if I log into ipv6 I am prompted (after enabling on account) but if I log into DNS (same creds) i am never prompted for 2fa

On December 10, 2015 8:33:25 PM MST, mxxcon notifications@github.com wrote:

@stacksjb can you confirm this?

---

Reply to this email directly or view it on GitHub: https://github.com/2factorauth/twofactorauth/issues/1449#issuecomment-163827790

Sent from my Android device with K-9 Mail. Please excuse my brevity.

[stacksjb]

This can be resolved. Tunnel broker.net and dns.he.net (and ipv6.he.net) use different auth. You can log in with the same creds on ipv6 and dns, but not tunnelbroker.

They do support it on both, but there isn't a place in the UI on the dns.he.net page to set it up. I had to set up the 2fa on ipv6.he.net and then it worked on dns.he.net. For tunnelbroker.net, I had already set it up.

All in all it works just unclear. Thanks!