OPNsense Forum

English Forums => General Discussion => Topic started by: hockey6611 on June 18, 2020, 07:23:27 pm

Title: TOTP GUI Login for Admin and no TOTP for user login
Post by: hockey6611 on June 18, 2020, 07:23:27 pm
When a TOTP server is enabled, is there a way require TOTP for some accounts but not for others?

I noted related thread https://forum.opnsense.org/index.php?topic=9690.msg44232 (https://forum.opnsense.org/index.php?topic=9690.msg44232), but this does not address my question.

An admin account would login with TOTP with full GUI privlages. A user (with only vpn and password manager GUI privlage), would be able to login without TOTP.

I have found that enabling both Local and Local+TOTP authentication servers, allows admin user to login in both with and without TOTP. When only Local+TOTP a user cannot login.

Is there a way to enable the admin to login only with TOTP, and still allow the user to login without TOTP?