khanh.pndc/nextcloud-docs
1
0
Fork 0
mirror of https://github.com/nextcloud/documentation.git synced 2026-01-03 02:09:45 +07:00
Code Issues Packages Projects Releases Wiki Activity

fix: adjust two factor documentation

Browse Source 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
This commit is contained in:
Ferdinand Thiessen
2025-03-24 16:02:13 +01:00
committed by backportbot[bot]
parent be5d58b9ad
commit 21acb924f1
1 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
admin_manual/configuration_user/two_factor-auth.rst
View File

@@ -5,7 +5,7 @@ Two-factor authentication
=========================
Two-factor authentication adds an additional layer of security to user accounts. In order to log
in on an account when two-factor authentication (2FA) enabled, it is necessary to provide both the
in on an account when two-factor authentication (2FA) enabled, you must provide both the
login password and another factor.
To use 2FA two things must happen:
@@ -76,13 +76,16 @@ a user has 2FA enforced:
Provider removal
----------------
Nextcloud keeps records about the enabled two-factor authentication providers of every user. If a provider is simply removed/:ref:`disabled <apps_commands_label>`, Nextcloud will still consider the provider active for the user at login and show a warning like *Could not load at least one of your enabled two-factor auth methods*.
Nextcloud keeps records about the enabled two-factor authentication providers of every user.
If a provider is simply removed/:ref:`disabled <apps_commands_label>`,
Nextcloud will still consider the provider active for the user at login and show a warning like *Could not load at least one of your enabled two-factor auth methods*.
The associations of removed providers can be cleaned up via :ref:`occ <occ>`::
sudo -u www-data php occ twofactorauth:cleanup <provider_id>
.. warning:: This operation is irreversible. Only run it for providers you do not intend to enable again.
.. warning:: This operation is irreversible. Only run it for providers you do not intend to enable again as then you have to setup the configuration for all users from scratch.
Disabling two-factor authentication
-----------------------------------
@@ -91,6 +94,11 @@ Two-factor providers can be disabled via :ref:`occ <occ>`::
sudo -u www-data php occ twofactorauth:disable <uid> <provider_id>
User are free to enable this provider again via their personal settings.
This can be useful if the user forgot or lost their second factor.
Afterwards users are free to enable this provider again via their personal settings.
.. note:: This operation has to be supported by the provider. If this support is missing, Nextcloud will abort and show an error.
It is also possible to check the current two-factor user status via :ref:`occ <occ>`::
sudo -u www-data php occ twofactorauth:state <uid>