Security feature on setting OTP - option to verify 2fa setup

vatesfr / xen-orchestra

The global orchestration solution to manage and backup XCP-ng and XenServer.

https://xen-orchestra.com

Other

789 stars 267 forks source link

Security feature on setting OTP - option to verify 2fa setup #5880

Open akurzawa opened 3 years ago

akurzawa commented 3 years ago

for sake of completness - and not to lock out own xoa account after turing on OTP authentication, xoa should ask for the 2fa code from the generator before saving changes. I've seen it numerous of time where 2fa was setup and after saving setup user could not log in becouse of wrong 2fa code from the genrator.

julien-f commented 1 year ago

Thanks for this very well specified issue, we'll do it in XO6 :slightly_smiling_face: