Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Displays in Google Authenticator #135

Open
copenhaus opened this issue Feb 1, 2017 · 9 comments
Open

Displays in Google Authenticator #135

copenhaus opened this issue Feb 1, 2017 · 9 comments
Labels
enhancement

Comments

@copenhaus
Copy link

Hi.

When I snap the barcode with my Google Authenticator, on the bottom it displays the Federated Cloud ID.

If I were to setup/enable 2FA settings on multiple accounts on my Google Authenticator, I can't tell the differences...

Can the display of Federated Cloud ID be changed to username?

Thanks....
@ChristophWurst
Copy link
Member

What does your federated cloud ID look like? I chose to use it because it's pretty unique, also if you're using many NC accounts.

@copenhaus
Copy link
Author

12345678-1234-4321-9257-FDFA5F682041@cloud.company.com...to me, it's like going to a website using its IP address (http://88.198.160.129), instead of FQDN (http://www.nextcloud.com)...IMHO...

@ChristophWurst
Copy link
Member

Ouch. I guess that's not the login name you're using to log on, is it? Does your instance use LDAP as user backend? I wonder where that long username comes frome …

@copenhaus
Copy link
Author

yes, my NC is integrated with Windows AD through LDAP.

@ChristophWurst
Copy link
Member

@blizzz any idea whether the federated cloud id should look like this when using an LDAP back end or this is caused by misconfiguration?

@mddeff
Copy link

mddeff commented Feb 8, 2017
edited

@copenhaus As a work around, you could switch to FreeOTP (rather than Google Auth) for your TOTP client; it allows you to rename the metadata fields on each OTP entry. Also, FreeOTP is FOSS (written by RedHat/Fedora), where as I believe Google Auth is closed source (or what they have open-sourced is out of date), and is available on iOS and Android (one less userguide to write for your users ;-) ).

Not a permanent solution, but at least it helps. I'd be interested to see the resolution, I'm seeing the same behavior,

@ChristophWurst ChristophWurst self-assigned this Feb 8, 2017
@blizzz
Copy link
Member

blizzz commented Feb 15, 2017

@blizzz any idea whether the federated cloud id should look like this when using an LDAP back end or this is caused by misconfiguration?

@ChristophWurst federated cloud it is always username@server and by default usernames are created of the UUID of the LDAP record, so, yes, this looks correct.

However, I believe we have a dirty hack in place that allows you to use your loginname instead, and it will be transformed by the server… but this is very dirty, very ugly 🙊

@ChristophWurst ChristophWurst removed their assignment Mar 6, 2017
@ChristophWurst
Copy link
Member

Labeling as enhancement because this only effects the name of the secret in your smartphone's app. The TOTP functionality should not be effected.

@nursoda
Copy link

nursoda commented Mar 7, 2017

When you're serious about 2FA/TOTP, use Mufri's "Authenticator Plus" (paid) app. You may change icons, label, overall look, add another security layer accessing TOTP (e.g. using Fingerprint), etc. and it can BACKUP all your secrets (complete config), so that you may reinstall on another phone. (Well, backup is important if you do NOT use a rooted phone.

@facb69 facb69 mentioned this issue Aug 11, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ChristophWurst @blizzz @nursoda @mddeff @copenhaus