[nodebb-plugin-2factor] Two-Factor Authentication
-
when i try to add a hardware key i instantly get the message "hardware key registration abborted" and in the logs i found this:
2023-11-20T06:03:39.301Z [4567/995] - info: [plugin/2factor] Denying socket access for uid 2 pending second factor.Any idea how I can fix this?
-
2-factor is: 7.4.0
Board is: v3.5.1. -
I also noticed that the 2fa isn't working for me too.
I generate the first code to test the application, that works, but when i want to log in later, it doesn't recognize the code, and i have to use a backup code -
@RazielKanos I just tested v7.4.0 against latest
developand there are no issues with registering 2FA.Just to be sure I also waited until the code rolled over to a new set and that also worked. Any errors on the backend?
Could it be your server clock is out of sync? If it is too far out, then the code it is expecting will not match your code.
-
@darkpollo that in my view defeats the entire purpose of 2fa. If your email was hacked, they'd also have the two factor which is what your are looking to secure in the first place.
-
@phenomlab @darkpollo agreed. If there's a need for it it'd be a good separate plugin, same for a "magic link" style login plugin.
-
Using mail for 2FA is an oxymoron. Just a few steps worse than using SMS.
The most secure factors are a key (I use Yubi Keys) and then the code used by apps.
I would NOT encourage dependence on email for 2FA.
I think it is used to be an option pre XF 2.3, but it shouldn't have been and it was mentioned to them. They finally went passkeys/code via app/backup code and got rid of the email option.
