root/f7cloud_client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f390426546
f7cloud_client/core/doc/user/user_2fa.html
root 8b6a0139db f7cloud_client 
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-17 22:59:26 +00:00

316 lines
15 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="./">
<head>
<meta charset="utf-8" />
<meta name="readthedocs-addons-api-version" content="1"><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Using two-factor authentication &mdash; F7cloud latest User Manual latest documentation</title>
<link rel="stylesheet" type="text/css" href="_static/pygments.css?v=b86133f3" />
<link rel="stylesheet" type="text/css" href="_static/css/theme.css?v=e59714d7" />
<link rel="stylesheet" type="text/css" href="_static/copybutton.css?v=76b2166b" />
<link rel="stylesheet" type="text/css" href="_static/custom.css?v=8ff6e0db" />
<link rel="stylesheet" type="text/css" href="_static/dark_mode_css/general.css?v=c0a7eb24" />
<link rel="stylesheet" type="text/css" href="_static/dark_mode_css/dark.css?v=70edf1c7" />
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=a49d5d77"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/clipboard.min.js?v=a7894cd8"></script>
<script src="_static/copybutton.js?v=f281be69"></script>
<script src="_static/dark_mode_js/default_light.js?v=c2e647ce"></script>
<script src="_static/dark_mode_js/theme_switcher.js?v=358d3910"></script>
<script src="_static/js/theme.js"></script>
<script src="_static/js/versions.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="next" title="Manage connected browsers and devices" href="session_management.html" />
<link rel="prev" title="Universal access" href="universal_access.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="contents.html">
<img src="_static/logo-white.png" class="logo" alt="Logo"/>
</a>
<div class="switch-menus">
<div class="version-switch"></div>
<div class="language-switch"></div>
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="index.html">F7cloud latest user manual introduction</a></li>
<li class="toctree-l1"><a class="reference internal" href="webinterface.html">The F7cloud Web interface</a></li>
<li class="toctree-l1"><a class="reference internal" href="files/index.html">Files &amp; synchronization</a></li>
<li class="toctree-l1"><a class="reference internal" href="groupware/index.html">Groupware</a></li>
<li class="toctree-l1"><a class="reference internal" href="talk/index.html">Talk</a></li>
<li class="toctree-l1"><a class="reference internal" href="desktop/index.html">Desktop Clients</a></li>
<li class="toctree-l1"><a class="reference internal" href="userpreferences.html">Setting your preferences</a></li>
<li class="toctree-l1"><a class="reference internal" href="universal_access.html">Universal access</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">Using two-factor authentication</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#configuring-two-factor-authentication">Configuring two-factor authentication</a></li>
<li class="toctree-l2"><a class="reference internal" href="#recovery-codes-in-case-you-lost-your-2nd-factor">Recovery codes in case you lost your 2nd factor</a></li>
<li class="toctree-l2"><a class="reference internal" href="#logging-in-with-two-factor-authentication">Logging in with two-factor authentication</a></li>
<li class="toctree-l2"><a class="reference internal" href="#using-two-factor-authentication-with-hardware-tokens">Using two-factor authentication with hardware tokens</a></li>
<li class="toctree-l2"><a class="reference internal" href="#using-client-applications-with-two-factor-authentication">Using client applications with two-factor authentication</a></li>
<li class="toctree-l2"><a class="reference internal" href="#considerations">Considerations</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="session_management.html">Manage connected browsers and devices</a></li>
<li class="toctree-l1"><a class="reference internal" href="external_storage/index.html">External Storage</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="contents.html">F7cloud latest User Manual</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content style-external-links">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="contents.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item active">Using two-factor authentication</li>
<li class="wy-breadcrumbs-aside">
<a href="https://github.com/f7cloud/documentation/edit/master/user_manual/user_2fa.rst" class="fa fa-github"> Edit on GitHub</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="using-two-factor-authentication">
<h1>Using two-factor authentication<a class="headerlink" href="#using-two-factor-authentication" title="Link to this heading"></a></h1>
<p>Two-factor authentication (2FA) is a way to protect your F7cloud account
against unauthorized access. It works by requiring two different proofs of
your identity. For example, <em>something you know</em> (like a password) and
<em>something you have</em> like a physical key. Typically, the first factor is a
password like you already have and the second can be a text message you
receive or a code you generate on your phone or another device
(<em>something you have</em>). F7cloud supports a variety of 2nd factors and
more can be added.</p>
<p>Once a two-factor authentication app has been enabled by your administrator
you can enable and configure it in <a class="reference internal" href="userpreferences.html"><span class="doc">Setting your preferences</span></a>. Below you can
see how.</p>
<section id="configuring-two-factor-authentication">
<h2>Configuring two-factor authentication<a class="headerlink" href="#configuring-two-factor-authentication" title="Link to this heading"></a></h2>
<p>In your Personal Settings look up the Second-factor Auth setting. In this
example this is TOTP, a Google Authenticator compatible time-based code:</p>
<figure class="align-default">
<img alt="TOTP configuration." src="_images/totp_enable.png" />
</figure>
<p>You will see your secret and a QR code which can be scanned by the TOTP app
on your phone (or another device). Depending on the app or tool, type in the
code or scan the QR and your device will show a login code which changes
every 30 seconds.</p>
</section>
<section id="recovery-codes-in-case-you-lost-your-2nd-factor">
<h2>Recovery codes in case you lost your 2nd factor<a class="headerlink" href="#recovery-codes-in-case-you-lost-your-2nd-factor" title="Link to this heading"></a></h2>
<p>You should always generate backup codes for 2FA. If your 2nd factor device
gets stolen or is not working, you will be able to use one of these codes to
unlock your account. It effectively functions as a backup 2nd factor. To
get the backup codes, go to your Personal Settings and look under Second-factor
Auth settings. Choose <em>Generate backup codes</em>:</p>
<figure class="align-default">
<img alt="2FA backup code generator" src="_images/2fa_backupcode_1.png" />
</figure>
<p>You will then be presented with a list of one-time-use backup codes:</p>
<figure class="align-default">
<img alt="2FA backup codes" src="_images/2fa_backupcode_2.png" />
</figure>
<p>You should put these codes in a safe spot, somewhere you can find them. Dont
put them together with your 2nd factor like your mobile phone but make sure that
if you lose one, you still have the other. Keeping them at home is probably
the best thing to do.</p>
</section>
<section id="logging-in-with-two-factor-authentication">
<h2>Logging in with two-factor authentication<a class="headerlink" href="#logging-in-with-two-factor-authentication" title="Link to this heading"></a></h2>
<p>After you have logged out and need to log in again, you will see a request to
enter the TOTP code in your browser. If you enable not only the TOTP factor
but another one, you will see a selection screen on which you can choose
two-factor method for this login. Select TOTP:</p>
<figure class="align-default">
<img alt="Choosing a two-factor authentication method." src="_images/totp_login_1.png" />
</figure>
<p>Now, just enter your code:</p>
<figure class="align-default">
<img alt="Entering TOTP code at login." src="_images/totp_login_2.png" />
</figure>
<p>If the code was correct you will be redirected to your F7cloud account.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Since the code is time-based, its important that your servers and
your smartphones clock are almost in sync. A time drift of a few seconds
wont be a problem.</p>
</div>
</section>
<section id="using-two-factor-authentication-with-hardware-tokens">
<h2>Using two-factor authentication with hardware tokens<a class="headerlink" href="#using-two-factor-authentication-with-hardware-tokens" title="Link to this heading"></a></h2>
<p>You can use two-factor authentication based on hardware tokens. The following devices are known to work:</p>
<ul class="simple">
<li><p>TOTP based:</p>
<ul>
<li><p><a class="reference external" href="https://shop.nitrokey.com/shop/product/nitrokey-pro-2-3">Nitrokey Pro</a></p></li>
<li><p><a class="reference external" href="https://shop.nitrokey.com/shop">Nitrokey Storage</a></p></li>
</ul>
</li>
<li><p>FIDO2 based:</p>
<ul>
<li><p><a class="reference external" href="https://shop.nitrokey.com/shop/product/nkfi2-nitrokey-fido2-55">Nitrokey FIDO2</a></p></li>
<li><p><a class="reference external" href="https://shop.nitrokey.com/shop/product/nitrokey-fido-u2f-20">Nitrokey FIDO U2F</a></p></li>
</ul>
</li>
</ul>
</section>
<section id="using-client-applications-with-two-factor-authentication">
<h2>Using client applications with two-factor authentication<a class="headerlink" href="#using-client-applications-with-two-factor-authentication" title="Link to this heading"></a></h2>
<p>Once you have enabled 2FA, your clients will no longer be able to connect with
just your password unless they also have support for two-factor authentication.
To solve this, you should generate device specific passwords for them. See
<a class="reference internal" href="session_management.html"><span class="doc">Manage connected browsers and devices</span></a> for more information on how to do this.</p>
</section>
<section id="considerations">
<h2>Considerations<a class="headerlink" href="#considerations" title="Link to this heading"></a></h2>
<p>If you use WebAuthn to login to your F7cloud be sure to not use the same token for 2FA. As this
would mean you are again only using a single factor.</p>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="universal_access.html" class="btn btn-neutral float-left" title="Universal access" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="session_management.html" class="btn btn-neutral float-right" title="Manage connected browsers and devices" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2016-2026 F7cloud GmbH and F7cloud contributors.</p>
</div>
</footer>
</div>
</div>
</section>
</div>
<!-- Here go the languages -->
<div class="rst-versions" data-toggle="rst-versions" role="note" aria-label="versions">
<span class="rst-current-version" data-toggle="rst-current-version">
🌐
English
<span class="fa fa-caret-down"></span>
 ☁️ latest
<span class="fa fa-caret-down"></span>
</span>
<div class="rst-other-versions">
<dl>
<dt>🌐 Languages</dt>
</dl>
</div>
<div class="rst-other-versions">
<dl>
<dt>☁️ Versions</dt>
<dd style="width: 32%">
<a href="https://docs.f7cloud.com/server/latest/user_manual"
style="color: var(--dark-link-color);"
>
latest
</a>
</dd>
<dd style="width: 32%">
<a href="https://docs.f7cloud.com/server/stable/user_manual"
>
stable
</a>
</dd>
<dd style="width: 32%">
<a href="https://docs.f7cloud.com/server/31/user_manual"
>
31
</a>
</dd>
<dd style="width: 32%">
<a href="https://docs.f7cloud.com/server/30/user_manual"
>
30
</a>
</dd>
<dd style="width: 32%">
<a href="https://docs.f7cloud.com/server/29/user_manual"
>
29
</a>
</dd>
</dl>
<dl>
<dt>Downloads</dt>
</dl>
<dl>
<dt>On Read the Docs</dt>
<dd>
<a href="///projects//?fromdocs=">Project Home</a>
</dd>
<dd>
<a href="///builds//?fromdocs=">Builds</a>
</dd>
</dl>
</div>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink