[pve-devel] applied: [PATCH manager 3/3] ui: use 2-step authentication for non-tfa realms

Thomas Lamprecht t.lamprecht at proxmox.com
Mon Apr 8 17:03:55 CEST 2019


On 4/8/19 1:58 PM, Wolfgang Bumiller wrote:
> (Ext.Msg.prompt() fails on firefox...)
> 
> Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
> ---
>  www/manager6/window/LoginWindow.js | 85 ++++++++++++++++++++++++++++++++++----
>  1 file changed, 77 insertions(+), 8 deletions(-)
> 

applied, followed up with the complete removal of the fixed OTP field in the initial
login window, IMO much better to have a stream lined experience here, and the behavior
of a realm enforced TFA, but no TFA set for an user on login is better with this, too.
As previously the OTP field was marked as required but an user could enter arbitrary
stuff, as no TFA to verify it against was there anyway, now he really only sees the
OTP entry field if it's also configured.




More information about the pve-devel mailing list