Zum Inhalt

Authentication

Two-Factor Authentication

Activate

Two-factor authentication can be enabled by adding an entry to the .env file:

2FA=1

In the settings (two-factor-auth-role), you can specify a role for which 2FA is mandatory. For example, if "editor" is specified, 2FA will be required for both editors and admins.

Deactivate 2FA for a User

If a user has lost their two-factor authentication secrets and does not have a recovery code, it is possible to reset their 2FA settings so they can set it up again.

Registration

User registration can also be enabled via the .env file:

REGISTRATION=1

Make 2FA Mandatory for Users

Using the two-factor-auth-role setting, you can specify a role for which 2FA is mandatory. All users with this role or a "higher" role will be required to use 2FA.