On 1/16/24 17:55, Todd Zullinger wrote:
ToddAndMargo via users wrote:
On 1/16/24 15:44, Samuel Sieb wrote:
On 1/16/24 15:42, Samuel Sieb wrote:
You are misunderstanding how this works. That QR code contains a
secret value that lets the OTP application generate the 6 digit
codes as needed. There is no actual code in the QR code.
To clarify further, you only need the QR code *once*. After that, you
use the application to give you the code you need when asked for.
This what I am after. A program presents a QC splotch. A
user scans it with their Android phone and reads it into
FreeOTP. FreeOTP coughs out a six digit code, which
I enter.
There are a number of apps which support multi-factor
authentication for Fedora. Just three of which I am aware
of in the main repository are:
google-authenticator
keepassxc
secrets
There may be others. You should search for MFA, 2FA,
multi-factor authentication and such.
https://gitlab.gnome.org/World/Authenticator is available as
a flatpak.
There's also https://authenticator.cc/ which is a browser
extension. (Though IMO, doing MFA in an extension seems to
be defeating the purpose of MFA. Or at least it brings in
more risk than I could justify.)
I don't use any of these apps. I like my MFA app being on a
separate device like an Android phone. Or, even better, I
avoid TOTP MFA entirely and use FIDO2 via a YubiKey.
I can't figure out how to import a qc splotch into
either keepassxc or secrets. And I do not trust Google
as far as I can ...
--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
