Skip to content
This repository has been archived by the owner on Feb 24, 2018. It is now read-only.

Need clarification on entire TOTP setup process #676

Open
ffxsam opened this issue Feb 6, 2018 · 2 comments
Open

Need clarification on entire TOTP setup process #676

ffxsam opened this issue Feb 6, 2018 · 2 comments

Comments

@ffxsam
Copy link

ffxsam commented Feb 6, 2018
edited
Loading

I'm having trouble figuring out how to set up TOTP from start to finish:

  1. User enables MFA.
  2. User gets presented with a TOTP code (which I assume I can run through a QR code library to generate a QR).
  3. User syncs code with their choice of MFA software (Authy, 1Password, etc).
  4. User gets prompted to enter verification code from MFA device to confirm.

The documentation for this repo is pretty lacking, and it's quite difficult to figure out how to do all this.

Also, do they have to set up SMS first? I would hope that users don't need to do that, because many may not want to use their phone number, not to mention it's unreliable to depend on text message for 2FA (someone might be in a place with no cell access).
@itrestian
Copy link
Contributor

No, SMS is not needed for TOTP. You would pretty much need to follow use case 26 to 28 on the readme for associating, verifying and enabling TOTP.

@ffxsam
Copy link
Author

ffxsam commented Feb 6, 2018

@itrestian Thanks for the help, I'll give it a try!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ffxsam @itrestian