doobry-systemli
doobry-systemli
Yeah, just experienced the same: it doesn't work as intended in Firefox on Desktop :disappointed:
Open questions where I would appreciate input: ## Do we want to reset 2FA during recovery process? * Pro: User can restore their account when 2FA device got lost *...
Support for backup codes is now implemented (and covered by behat tests). Six backup codes are generated automatically during twofactor configuration. The user is asked to acknowledge that they stored...
> Thanks for your awesome work. I haven't looked at the code yet, but I would like to provide some input for your questions: > > > Do we want...
Mh, I don't think it's necessary.
> I would prefer to add a field to the Domain entity which represents this issue. With a field we can query all domains a user can use for registration....
> To not break pseudonymity, I would encourage or maybe even enforce to not have multiple addresses per key. For the record: the userli WKD implementation already does this and...
I started looking into this. The rough plan is: * Second factor is only required for userli login (not IMAP/POP3/SMTP). * For now only TOTP/google authentcator support. Webauthn etc. can...
> Generally, any work on this is highly appreciated. Thanks! Can you clarify the rationale behind just enabling it for HTTPS? In my opinion, this doesn't make too much sense...
By the way, I plan to use https://symfony.com/bundles/SchebTwoFactorBundle/ for the Two-factor implementation.