TheAnachronism/docspell
1
0
Fork 0
mirror of https://github.com/TheAnachronism/docspell.git synced 2025-06-23 10:58:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Website redesign

Browse Source
This commit is contained in:
eikek
2022-01-27 20:23:15 +01:00
parent 3fc7f54f1a
commit 261d2af9bb
248 changed files with 3519 additions and 1484 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
website/site/content/docs/webapp/totp.md
View File

@ -5,13 +5,15 @@ weight = 110
mktoc = true
+++
# TOTP
Docspell has built-in support for two-factor (2FA) authentication
using
[TOTP](https://en.wikipedia.org/wiki/Time-based_One-Time_Password)s.
For anything more, consider a dedicated account management tool and
[OpenID Connect](@/docs/configure/_index.md#openid-connect-oauth2).
# Setup
## Setup
A user can enable a TOTP as a second factor in their user settings. It
is required to have some external device to hold the shared secret. A
@ -23,7 +25,7 @@ and there are others as well.
In user settings, go to _Two Factor Authentication_ and click on
_Activate two-factor authentication_. This then shows you a QR code:
{{ figure(file="totp-01.png") }}
{{ figure2(light="totp-01.png", dark="totp-01_dark.png") }}
Open the app (or whatever you use) and scan the QR code. A new account
is created and a 6-digit code will be shown to you. Enter this code in
@ -37,12 +39,12 @@ in this case.
Once you typed in the code, the 2FA is enabled.
{{ figure(file="totp-02.png") }}
{{ figure2(light="totp-02.png", dark="totp-02_dark.png") }}
When you now login, a second login form will be shown where you must
now enter a one time password from the device.
# Remove 2FA
## Remove 2FA
If you go to this page with 2FA enabled (refresh the page after
finishing the setup), you can disable it. The secret will be removed
@ -51,14 +53,14 @@ from the database.
It shows a form that allows you to disable 2FA again, but requires you
to enter a one time password.
{{ figure(file="totp-03.png") }}
{{ figure2(light="totp-03.png", dark="totp-03_dark.png") }}
If you have successfully disabled 2FA, you'll see the first screen
where you can activate 2FA. You can remove the account from your
device. Should you want to go back to 2FA, you need to go through the
setup again and create a new secret.
# When secret is lost
## When secret is lost
Should you loose your device where the secret is stored, you cannot
log into docspell anymore. In this case you can use the [command line