Bug in 2FA Force
Solved
Support
-
Looks like there is not really a "Enforce" for 2FA.
First Login from the User
After this just open the URL
https://cloudronserver.server/#/apps
Now you can see the dashboard and login etc -
-
@savity said in Bug in 2FA Force:
After this just open the URL
Do you mean without setting up 2FA , you can open that URL for that user and just access the dashboard? What happens if you F5/refresh?
Also, the mandatory 2FA is implemented at client side/browser level and there are no server side checks.
-
-
-
-