Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
2fa with Google Auth
« previous
next »
Print
Pages: [
1
]
Author
Topic: 2fa with Google Auth (Read 6198 times)
kapara
Jr. Member
Posts: 97
Karma: 3
2fa with Google Auth
«
on:
October 27, 2016, 07:20:09 pm »
I am curious how this works. Is the two factor communicating directly with Google or does this service work through a server hosted by opnsense. If I change the firewall name or domain in the firewall will it break the 2fa as in google auth app it says fadmin@OPNsense
Also if the backup is disabled to force login with 2fa if for some reason I am unable to login again is there a way to disable from SSH or console so that I can get back in?
«
Last Edit: October 27, 2016, 08:25:51 pm by kapara
»
Logged
franco
Administrator
Hero Member
Posts: 17668
Karma: 1611
Re: 2fa with Google Auth
«
Reply #1 on:
October 28, 2016, 09:20:47 am »
Hi kapara,
Today, we do not need Google anymore for this. The QR code is displayed using Javascript and you can find other TOTP-based apps in your phone's respective app store. I just tried it for the first time (not the author of that integration) and it works fine. I used the "Authenticator" app from iOS.
TOTP is a standard RFC, you can read about it here:
https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
Tokens are time-based, they don't work for longer than 30 seconds. So when you have to log in again you need to use a new token.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
2fa with Google Auth
