alexandregz / twofactor_gauthenticator

This RoundCube plugin adds 2-step verification (OTP) to the login process
MIT License
216 stars 76 forks

2fa for some users and for some not #100

Closed karli1 closed 4 years ago

karli1 commented 5 years ago

It would be great to have the option to use 2FA for some users and for some not. We have users where we don't want them to use 2FA (because there is no need for it), and others where we want them to have to use 2FA. Any plan to support such a setting? E.g. add it to the userprefs?

urbels commented 4 years ago

As I understand from screenshots in https://plugins.roundcube.net/packages/alexandregz/twofactor_gauthenticator it's not forced unless you choose to.

> Enrollment Users
>
> If config value force_enrollment_users is true, ALL users need to log in with the 2-step method. They receive an alert message about that, and they can't skip without saving the configuration

karli1 commented 4 years ago

> As I understand from screenshots in https://plugins.roundcube.net/packages/alexandregz/twofactor_gauthenticator it's not forced unless you choose to.
>
> Enrollment Users
>
> If config value force_enrollment_users is true, ALL users need to log in with the 2-step method. They receive an alert message about that, and they can't skip without saving the configuration

Yes - that is what I also understand. Therefore a new "issue" (=> aka change request) to have a selective option. We will have users who should use 2FA, but most of them will not need to use 2FA (because of the messages they receive).

urbels commented 4 years ago

Now I think I got it - you want to force it just for some, not all, right? For others it is optional.

karli1 commented 4 years ago

Yes. :) Probably either there is a way in the settings DB (which means that there needs to be some additional user interface), or just in the PHP file (e.g. a config file with comma-separated email addresses)

alexandregz commented 4 years ago

You can use the config.inc.php file to indicate specific users allowed to use the plugin.

Other users don't have the plugin activated, even if they previously had the plugin working and configured (you need to force to use)
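
The per-user policy discussed in this thread, as an added example (not code from the plugin or its author): a constructed config in the style of config.inc.php and a hypothetical helper that decides, per login, whether 2FA applies. `force_enrollment_users` is the key quoted above; the key name `users_allowed_2FA`, its regex-list format, the helper names and the sample addresses are assumptions to check against the installed plugin version.

```php
<?php
// Constructed sample settings, in the style of the plugin's config.inc.php.
// force_enrollment_users is the key named in this thread; users_allowed_2FA
// is assumed here as the key holding the per-user list of regex patterns.
$rcmail_config = [
    'force_enrollment_users' => true,
    'users_allowed_2FA'      => ['admin@example\.org', 'finance-.*@example\.org'],
];

// Hypothetical helper (not plugin code): is this login covered by the list?
// Treating an empty or missing list as "all users" is an assumption.
function user_in_2fa_scope(string $login, array $config): bool
{
    $patterns = $config['users_allowed_2FA'] ?? [];
    if ($patterns === []) {
        return true;
    }
    foreach ($patterns as $pattern) {
        // Anchor both ends so 'admin@example\.org' does not also match
        // 'notadmin@example.org'; unanchored patterns widen the scope silently.
        if (preg_match('~^(?:' . $pattern . ')$~i', $login) === 1) {
            return true;
        }
    }
    return false;
}

// Hypothetical helper: the effective login policy for one user.
function policy_for(string $login, array $config): string
{
    if (!user_in_2fa_scope($login, $config)) {
        return 'password only (plugin inactive for this user)';
    }
    return !empty($config['force_enrollment_users'])
        ? '2FA enforced (must enroll)'
        : '2FA optional';
}

// Constructed sample logins.
$logins = ['admin@example.org', 'finance-ap@example.org',
           'notadmin@example.org', 'newsletter@example.org'];
foreach ($logins as $login) {
    printf("%-26s %s\n", $login, policy_for($login, $rcmail_config));
}
```

Running a dry check like this over the real account list before changing the config shows which accounts would drop back to password-only login.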