Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Feature Requests
  3. many authentication methods

many authentication methods

Scheduled Pinned Locked Moved Feature Requests
1 Posts 1 Posters 321 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A Offline
    A Offline
    adisonverlice2
    wrote on last edited by
    #1

    greetings guys.
    I would like to propose there should be other ways to authenticate than just username, password, or even TOTP.
    1 of the things you could do is allow for the Google oauth2.0 options, if the administrator has a Google cloud console client Id and secret. right now, as it is I'd have to configure my instence via cloudflare, and make it to where cloudflare access must be accessed first, then go through the tredissional authentication process
    yes, that is my cloudflare access setup, which, lol, feel free to break into, you won't find anything. but that's becides the point.
    another possibility is to intigrate something like the duo auth API, kinda like vaultwarden does.

    duo has many authentication options, like security key, hardware token, and SMS gateway, features cloudrons athentication doesn't have. it would also make it easier.
    there should also be more oauth options, like Facebook GitHub, discord, etc.
    if we had oauth options, this would allow for more authentication choice, and it would probably be more secure.
    for example, suno AI, into order to log into their applications, you
    must
    use oauth.
    I also forgot that if you used duo security, you wouldn't even have to worry about the Fido implementation. just sign up for duo, and you're good. oauth like Google also support Fido. so you're killing a couple of birds with a couple of features.
    I find it a little disappointing how cloudron doesn't have much authentication options.
    o another suggestion, the 2FA token option should only be presented when the correct username and password are entered.
    as a hacker, if I see that, I will know you have a TOTP before even the username and password is entered, and try t exploit it.
    thanks

    remember, don't overlook security. be safe online

    1 Reply Last reply
    0
    Reply
    • Reply as topic
    Log in to reply
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes


    • Login

    • Don't have an account? Register

    • Login or register to search.
    • First post
      Last post
    0
    • Categories
    • Recent
    • Tags
    • Popular
    • Bookmarks
    • Search