What's coming in 2.2 - 2FA

girish

We are working on pushing out 2.2 early next week. The main feature planned is 2FA/TOTP support for the cloudron.io login and the dashboard.

Users will see a button in their profile section to setup 2FA. You can use Google Authenticator, FreeOTP or similar app to generate one time passwords.

To keep things simple this option will only enable 2FA for the dashboard login. App logins will not requires 2FA. From our initial investigation, many apps already support 2FA and making up some scheme like password+otp will have to carefully thought through from a UX perspective.

M-arcus

2FA is a long awaited feature for me. Thanks for including it!

A Former User

@girish
Superb. Very, very pleased!
I understand about app 2FA, compared to dashboard 2FA; that will need careful development.

Much appreciated!

Before 2FA, the dashboard was a sitting duck with a 30 character password length limit.

girish

2fa support has been deployed to cloudron.io. You will find the option under security settings.

ATM, it is useful only for our managed customers as the box code has not been updated yet to send 2fa code for the app store login.

girish

Alright, we have integrated most of the changes.

There is now a 2FA button in the Account section:

Clicking on it, will bring up a QR code secret to scan:

If you lose the 2FA token/device, you have to SSH in and run some commands (will be documented).

girish

OK, we have started rolling out 2.2 for managed customers.

girish

Surprise surprise - Gandi and GoDaddy DNS integrations are landing as part of 2.2 release