Introducing TOTP to existing users

Hi there

So I have a handful of existing users. Now I want to introduce TOTP for security reasons. E-mails do not work for obvious reasons (all Microsoft Cloud, no SMTP sending possible). Now, when I enable 2FA by setting it to true in the config file according to the documentation, users who are already logged into the panel see the “Setup one-time codes” option in the user menu and can do so.

However, users who have not done that cannot log in with their passwords anymore but are asked for a code which has not been sent via e-mail, so they cannot log in.

The normal behaviour would be that users can still log in via password if TOTP has not been set up and they are asked to set it up, no?

What am I doing wrong where?

Thanks
Andreas

No, this is correct. If you enable 2FA, by default users are sent a code via email, and that is replaced with TOTP once they enable it.

Enabling 2FA and not using one form of 2FA or the other is not possible.

I do agree though that setting up TOTP should be possible without enforcing 2FA for all.