2FA for RC?
-
@humptydumpty I'd just make a very long password and trust in fail2ban
Web Design & Development: https://www.evergreen.je
Technology & Apps: https://www.marcusquinn.com -
@humptydumpty I'd just make a very long password and trust in fail2ban
-
@marcusquinn I didn't do/config anything with fail2ban. Is it good enough using the default settings? My pass is over 50 characters long with a mix of symbols.
It's still nice to have 2FA though.@humptydumpty yeah, Cloudron already thought of that all for us
I know what you're saying, and I like 2FA because it mostly protects people that reuse passwords, but it's really no more secure than good long password if you use unique passwords and a solid password manager.
Web Design & Development: https://www.evergreen.je
Technology & Apps: https://www.marcusquinn.com -
@humptydumpty yeah, Cloudron already thought of that all for us
I know what you're saying, and I like 2FA because it mostly protects people that reuse passwords, but it's really no more secure than good long password if you use unique passwords and a solid password manager.
-
@marcusquinn In that case, between Cloudron and Bitwarden's pass generator, we're all set.
@humptydumpty yuuuup!!
-
I haven't checked Roundcube - but best advice is for force a minimum 12-char password on any app that has that ability for user's security. It's difficult to enforce uniqueness but easier to encourage it if people are using Bitwarden or similar since it's so easy.
-
More password geeking here: https://brandlight.org/h/policies/password-security-policy/
Web Design & Development: https://www.evergreen.je
Technology & Apps: https://www.marcusquinn.com -
More password geeking here: https://brandlight.org/h/policies/password-security-policy/
-
@marcusquinn Nice article. I'd like to share this security tip I picked up about Authy. Make sure to disable Multi-device after setting it up. IIRC, it's disabled by default but some people might leave it on after setting up multiple devices.
@humptydumpty Yeah, I only use Authy if there's no TOTP code available to save into Enpass/Bitwarden. I do have multi-device but pretty well locked-down through various layers on each.
-
@humptydumpty said in 2FA for RC?:
Anyone using 2FA TOTP with RC? The plugins I've found are couple of years old.
This plugin was updated as recently as 4 months ago and works just fine: https://github.com/alexandregz/twofactor_gauthenticator
-
@humptydumpty said in 2FA for RC?:
Anyone using 2FA TOTP with RC? The plugins I've found are couple of years old.
This plugin was updated as recently as 4 months ago and works just fine: https://github.com/alexandregz/twofactor_gauthenticator
@necrevistonnezr It's working great. Thank you!
I know I'm going to need this when it's time to update the plugin. Make sure to remove the -master from the folder name so it's just "twofactor_gauthenticator" and use the code mentioned in the Cloudron doc page, and not the one on the plugin's github page.
array_push($config['plugins'], 'twofactor_gauthenticator');
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login