[Lemmy] Update TOTP (2FA) Setup to present secret key.

Shadowstreik commented

2024-02-10 20:29:26 +01:00

During TOTP(2FA) setup, a "secret key' text should be displayed and available to use for when scanning of a QR code is not available.

I was able to, first, use the link in the lower section and utilize a native authenticator. However, within KeepasXC, there is no operability with that portion and also cannot read QR codes. I was able to utilize a separate QR code scanner with reads a very long QR code value and I was able to identify and use the secret key portion in order to set up the TOTP option inside KeepassXC.

During TOTP(2FA) setup, a "secret key' text should be displayed and available to use for when scanning of a QR code is not available. I was able to, first, use the link in the lower section and utilize a native authenticator. However, within KeepasXC, there is no operability with that portion and also cannot read QR codes. I was able to utilize a separate QR code scanner with reads a very long QR code value and I was able to identify and use the secret key portion in order to set up the TOTP option inside KeepassXC.

LEMMY_TOTP-Setup.png

34 KiB

Screenshot from 2024-02-10 13-48-03.png

21 KiB

meaz commented

2024-02-21 17:59:05 +01:00

Owner

@Shadowstreik what happens when you click on "2FA installation link"?

That isssue should be better reported on lemmy UI repo: https://github.com/LemmyNet/lemmy-ui/

@Shadowstreik what happens when you click on "2FA installation link"? That isssue should be better reported on lemmy UI repo: https://github.com/LemmyNet/lemmy-ui/

meaz added the

Lemmy

label 2024-02-21 17:59:12 +01:00

Shadowstreik commented

2024-02-21 18:26:46 +01:00

Author

@meaz If an authenticator app is installed on the PC, it attempts to open it and begin the setup. On my Linux Mint Debian Edition build, it does have an authenticator app included, natively. However, I use KeepassXC, with requires a text-based key in order to set up TOTP; it cannot read QR codes.

My thoughts were Lemmy has a toggle to enable the text-based key to use on the admin panel. If that's not the case, say so and I'll gladly head over to GitHub and report the issue, there.

@meaz If an authenticator app is installed on the PC, it attempts to open it and begin the setup. On my Linux Mint Debian Edition build, it does have an authenticator app included, natively. However, I use KeepassXC, with requires a text-based key in order to set up TOTP; it cannot read QR codes. My thoughts were Lemmy has a toggle to enable the text-based key to use on the admin panel. If that's not the case, say so and I'll gladly head over to GitHub and report the issue, there.

fede commented

2024-02-22 05:23:16 +01:00

Owner

I'm not sure if I understand the issue, @Shadowstreik
I was able to config the TOTP in my KeePassXC with the installation link provided by Lemmy. Yes, it has to be manually done, but I had no issues.

I'm not sure if I understand the issue, @Shadowstreik I was able to config the TOTP in my KeePassXC with the installation link provided by Lemmy. Yes, it has to be manually done, but I had no issues.

Shadowstreik commented

2024-02-22 05:52:15 +01:00

Author

I click on the Link button in Scribe and Authenticator opens up. The expected behavior is to have the Secret Key text displayed within Lemmy to allow Copy & Paste into KeePassXC (I'm on version 2.7.6) which cannot read QR codes.

The first image is inside Lemmy and does not display a Secret Key to copy and paste into the KeePassXC TOTP setup("Setup TOTP" pic). Clicking on the link button opens the native Authenticator app in LMDE. Some folks may not have an already installed authenticator app to obtain the key from and end up confused on how to proceed.

I click on the Link button in Scribe and Authenticator opens up. The expected behavior is to have the Secret Key text displayed within Lemmy to allow Copy & Paste into KeePassXC (I'm on version 2.7.6) which cannot read QR codes. The first image is inside Lemmy and does not display a Secret Key to copy and paste into the KeePassXC TOTP setup("Setup TOTP" pic). Clicking on the link button opens the native Authenticator app in LMDE. Some folks may not have an already installed authenticator app to obtain the key from and end up confused on how to proceed.

LEMMY_TOTP-Setup.png

34 KiB

Screenshot from 2024-02-21 23-37-15.png

37 KiB

Screenshot from 2024-02-10 13-48-03.png

21 KiB

meaz commented

2024-02-22 07:40:54 +01:00

Owner

@Shadowstreik I've checked, this is how this is implemented, I can not change this. That means you have to report that to Lemmy devs.

Shadowstreik commented

2024-02-22 15:27:29 +01:00

Author

Understood. Thank you for looking and will do! :D

Shadowstreik commented

2024-02-22 15:34:31 +01:00

Author

UPDATE

There, already a ticket in over on GitHub. It's been there since last Summer. Considering the tags placed on the report, one would think it would have, already, been addressed.

https://github.com/LemmyNet/lemmy-ui/issues/1863

UPDATE There, already a ticket in over on GitHub. It's been there since last Summer. Considering the tags placed on the report, one would think it would have, already, been addressed. https://github.com/LemmyNet/lemmy-ui/issues/1863

meaz added the

on hold

label 2024-02-23 16:22:35 +01:00

[Lemmy] Update TOTP (2FA) Setup to present secret key. #776