2fa for clients

Hi guys

Someone did install any 2fa plugin to incorporate this feature to the server?

Hi,

Have you tried the option to force users to re-authenticate to the web interface in order to keep their VPN sessions? It’s in the web UI security area.

This would be something that would be nice to implement into a Firezone client when its available in future to make it more user friendly.

1 Like

I’ve asked the same question. Currently not.

I’ve asked the same question. Currently not.

Are you referring to TOTP-based 2FA? You can enable it for email/pass authentication for any user, including admins.

If you’d like to limit user auth to only Google, you can set this up via OIDC and then disable local auth.

Or if you have a list of emails you’d like to whitelist for auth, you can create these users first (leave passwords blank), and then disable the auto_create_oidc_users setting.

Does that help? If not, could you clarify a bit more?