mirror of
https://github.com/nextcloud/twofactor_gateway.git
synced 2026-04-26 17:45:51 +03:00
[GH-ISSUE #143] [Mandatory 2FA] Prevent users from disabling 2FA #43
Labels
No labels
0. to triage
1. to develop
3. to review
blocked
bug
discussion
duplicate
enhancement
enhancement
gateway:signal
gateway:signal
gateway:signal
gateway:sms
gateway:telegram
hacktoberfest
help wanted
invalid
needs info
php
pull-request
question
technical debt
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/twofactor_gateway-nextcloud#43
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @kimsyversen on GitHub (Nov 11, 2018).
Original GitHub issue: https://github.com/nextcloud/twofactor_gateway/issues/143
Hi!
I'm currently testing twofactor_gateway and see users have the possibility remove/change 2FA method in their profiles. I'm adding users via a bash script and I want to force users using 2FA via SMS when I add them.
How can the possibility to disable 2FA be removed?
@ChristophWurst commented on GitHub (Nov 12, 2018):
Hi, @kimsyversen!
this is not supported right now, but I can see how it would make sense to have such a check for the very last 2FA provider that gets disabled with mandatory 2FA. There are a bunch of edge cases that makes this tricky to implement, so this needs some discussion beforehand.
@rullzer please transfer this to the https://github.com/nextcloud/server repo
@putt1ck commented on GitHub (Aug 28, 2019):
I think mandatory 2FA is now part of NC, but I think it's possible for the user with this app to then not configure any option, which locks them out from next login.