seansfkelley / nas-download-manager

An open source browser extension for adding/managing download tasks to your Synology DiskStation.

Support 2-factor (2-step) authentication (2FA) #7

Open seansfkelley opened 7 years ago

seansfkelley commented 7 years ago

In version 0.9.x and before, two-factor authentication accidentally worked in some extension/browser/DSM combinations due to the way cookies behave. I was forced to close out that accidental feature when DSM 6.2.4/7.0 made an unannounced breaking change causing the extension to start logging people out of their non-extension login sessions.

As a workaround, since the extension doesn't interact with any DSM session you might have outside the extension (i.e. in a browser tab), you can create a separate user with very few permissions but no second factor for use only with this extension. Alternately, you can downgrade to 0.9.3.


This may interact really poorly with the existing auto-relogin behavior, because sessions sometimes expire at weird times, but we can't store the second factor (by design) to log back in.

As a stop-gap for all the people asking for this, maybe I could introduce a "share login with browser" checkbox which disables the login behavior in the extension and asks people to log in with a browser tab, thereby getting 2FA via a side channel again.

Hoax017 commented 3 years ago

Can the extension ask for the two-factor code?

Mavyre commented 2 years ago

More and more people are using 2FA. Any advancement on this? Any way to help on the dev on this?

seansfkelley commented 2 years ago

> Any way to help on the dev on this?

All that really needs to happen is for someone to sit down and implement it. I'd happily review a PR, but I don't have any spare time for the foreseeable future to work on this project.

There's even a pattern one could follow in the fix to #190, though this quote from the original comment still applies:

> This may interact really poorly with the existing auto-relogin behavior, because sessions sometimes expire at weird times, but we can't store the second factor (by design) to log back in.

EmSixTeen commented 2 years ago

Would really like this to be implemented.

TomLewis commented 1 year ago

Just installed this plugin and can't use it sadly as there's no support for 2FA :( Then just read that announcement, what a complete bummer.

Hoax017 commented 1 year ago

> Just installed this plugin and can't use it sadly as there's no support for 2FA :( Then just read that announcement, what a complete bummer.

Create a specific account with no 2FA and restricted rights to connect with it.