Hi I’ve enabled 2fa at webmail and tested successfully using the available button but on logoff/login I am not asked for 2fa codes at all, what am I missing?
To add to that: are there plans to merge 2fa for the email and nextcloud part of disroot?
Currently I have to store 2 sets of recovery codes, scratch codes and 2 entries in my otp authenticator app.
First to your second question about merging 2fa codes. Please do not do it. If you have access to someones email account you can reset every other service to gain access. So I am against it.
Your first question, I have 2fa set up for email and it works. You need to visit the settings page in the web mailer and click 2fa again. It is not activated after set up. First you do the set up then you activate it.
Thank you for the reply, indeed more 2fa would be more secure, it was my impression that one disroot account could be used for all services, like it is with Gmail.
As for 2fa, apparently you have to test 2fa, the test button turns green, you close the dialog via the x then the checkbox for “Enable 2-Step verification” is enabled.
It’s not very intuitive.
I believe that is the plan. Ldap based login is already used for some stuff @muppeth - Still I am against sharing any login information with the email account. Everything else could be one login as far as I care.