Don't allow enforcing 2FA unless the superuser has set it up already #17352

@Findus23

reported in https://forum.matomo.org/t/problem-with-the-two-factor-authentication-setting/41128

If a user who is unable to set up 2FA accidentally enables "Require two-factor authentication for everyone", they are unable to disable it until they set up 2FA.
(or they update the setting in the db:

```sql
update matomo_plugin_setting
set setting_value=0
where setting_name = 'twoFactorAuthRequired';
```

)

I think this setting should only be allowed if at least one superuser has 2FA already set up (or maybe only if the current superuser has 2FA already set up).
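The two guard variants proposed above, sketched as an added example that is not part of the original issue and is not Matomo code. Every name in it (`EnforcePolicy`, `assertCanChangeTwoFactorRequired`, the `$superusers` map) is hypothetical, and the sample accounts are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical names throughout; this is not Matomo's plugin settings API.
enum EnforcePolicy
{
    case CurrentSuperuserHas2fa; // strict variant from the issue
    case AnySuperuserHas2fa;     // lenient variant from the issue
}

/**
 * @param array<string,bool> $superusers login => has 2FA set up (constructed input)
 * @throws DomainException when enabling enforcement would be rejected
 */
function assertCanChangeTwoFactorRequired(
    bool $newValue,
    string $currentLogin,
    array $superusers,
    EnforcePolicy $policy = EnforcePolicy::CurrentSuperuserHas2fa
): void {
    // Turning enforcement off must always pass, or the guard itself blocks recovery.
    if ($newValue === false) {
        return;
    }
    $currentHas2fa = $superusers[$currentLogin] ?? false;
    $anyHas2fa = in_array(true, $superusers, true);

    $allowed = match ($policy) {
        EnforcePolicy::CurrentSuperuserHas2fa => $currentHas2fa,
        EnforcePolicy::AnySuperuserHas2fa => $anyHas2fa,
    };
    if (!$allowed) {
        throw new DomainException('Set up 2FA before requiring it for everyone.');
    }
}

// Constructed sample: "alice" has no 2FA, "bob" does.
$superusers = ['alice' => false, 'bob' => true];

// Disabling is never blocked, whoever asks.
assertCanChangeTwoFactorRequired(false, 'alice', $superusers);
// Lenient policy lets alice enable it; she then depends on bob to turn it off again.
assertCanChangeTwoFactorRequired(true, 'alice', $superusers, EnforcePolicy::AnySuperuserHas2fa);

try {
    // Strict policy refuses, because alice herself has no 2FA.
    assertCanChangeTwoFactorRequired(true, 'alice', $superusers);
} catch (DomainException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```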

Labels: Help wanted, c: Usability