2FA for all LDAP apps

hendrikvl

Just searched the forum for any news on 2FA and am happy that the discussion came up again. I would also endorse the proposal of PASSWORD;TOTP. Having no 2FA for some of the apps makes me somewhat nervous nowadays.
I totally understand that this is less than ideal from an UX perspective, but I don't see how it would hurt if admins can optionally enable it.

girish

@hendrikvl Yes, we will try to add this in the next release. This current release (6.1) we pushed out has 2FA for the proxy auth apps now.

humptydumpty

@girish I just logged into Wordpress (dev) with my CR user that has 2FA enabled and it didn't ask me for the code. Is there an option I need to enable somewhere or is this feature still on the to-do list?

girish

@humptydumpty that's correct, this feature didn't get implemented. The 2FA is only implemented on the Cloudron side and not for the apps. There was a parallel discussion going on about how to show what kind of auth is being used in an app in the dashboard. I think we need to show some indication to the user about how to log in before implementing this feature.

gog122

3 years later any plans to have 2FA feature ?

nebulon

We are moving one app after the other over to OpenID connect where we can use Cloudron 2FA which exists for a long time now. LDAP has no proper standard to do this as such.

girish

I will mark this as solved. LDAP standard hasn't moved to support 2FA and neither have apps settled on a pseudo standard. There is not much we can do.