What's coming in 2.2 - 2FA



  • We are working on pushing out 2.2 early next week. The main feature planned is 2FA/TOTP support for the cloudron.io login and the dashboard.

    Users will see a button in their profile section to setup 2FA. You can use Google Authenticator, FreeOTP or similar app to generate one time passwords.

    To keep things simple this option will only enable 2FA for the dashboard login. App logins will not requires 2FA. From our initial investigation, many apps already support 2FA and making up some scheme like password+otp will have to carefully thought through from a UX perspective.



  • 2FA is a long awaited feature for me. Thanks for including it! :)



  • @girish
    Superb. Very, very pleased!
    I understand about app 2FA, compared to dashboard 2FA; that will need careful development.

    Much appreciated!

    Before 2FA, the dashboard was a sitting duck with a 30 character password length limit.



  • 2fa support has been deployed to cloudron.io. You will find the option under security settings.

    ATM, it is useful only for our managed customers as the box code has not been updated yet to send 2fa code for the app store login.



  • Alright, we have integrated most of the changes.

    There is now a 2FA button in the Account section:

    0_1524780118870_enable_2fa.png

    Clicking on it, will bring up a QR code secret to scan:
    0_1524780173950_2fa_dialog.png

    If you lose the 2FA token/device, you have to SSH in and run some commands (will be documented).



  • OK, we have started rolling out 2.2 for managed customers.



  • Surprise surprise - Gandi and GoDaddy DNS integrations are landing as part of 2.2 release :-)

    0_1525721256768_gandi.png