Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d79e0cd4
Commit
d79e0cd4
authored
Apr 03, 2019
by
Evan Read
Committed by
Achilleas Pipinellis
Apr 03, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix code block and other minor fixes
parent
db12e729
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
6 additions
and
7 deletions
+6
-7
doc/user/profile/account/two_factor_authentication.md
doc/user/profile/account/two_factor_authentication.md
+6
-7
No files found.
doc/user/profile/account/two_factor_authentication.md
View file @
d79e0cd4
...
...
@@ -162,8 +162,7 @@ a new set of recovery codes with SSH.
1.
Run
`ssh git@gitlab.example.com 2fa_recovery_codes`
.
1.
You are prompted to confirm that you want to generate new codes. Continuing this process invalidates previously saved codes.
```
bash
```sh
$ ssh git@gitlab.example.com 2fa_recovery_codes
Are you sure you want to generate new two-factor recovery codes?
Any existing recovery codes you saved will be invalidated. (yes/no)
...
...
@@ -208,17 +207,17 @@ Sign in and re-enable two-factor authentication as soon as possible.
-
You need to take special care to that 2FA keeps working after
[
restoring a GitLab backup
](
../../../raketasks/backup_restore.md
)
.
-
To ensure 2FA authorizes correctly with TOTP server, you may want to ensure
your GitLab server's time is synchronized via a service like NTP.
Otherwise,
your GitLab server's time is synchronized via a service like NTP. Otherwise,
you may have cases where authorization always fails because of time differences.
-
The GitLab U2F implementation does _not_ work when the GitLab instance is accessed from
multiple hostnames, or FQDNs. Each U2F registration is linked to the _current hostname_ at
the time of registration, and cannot be used for other hostnames/FQDNs.
For example, if a user is trying to access a GitLab instance from `first.host.xyz` and `second.host.xyz`:
For example, if a user is trying to access a GitLab instance from
`first.host.xyz`
and
`second.host.xyz`
:
- The user logs in via `first.host.xyz` and registers their U2F key.
- The user logs out and attempts to log in via `first.host.xyz` - U2F authentication succeeds.
- The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because
-
The user logs in via
`first.host.xyz`
and registers their U2F key.
-
The user logs out and attempts to log in via
`first.host.xyz`
- U2F authentication succeeds.
-
The user logs out and attempts to log in via
`second.host.xyz`
- U2F authentication fails, because
the U2F key has only been registered on
`first.host.xyz`
.
[
Google Authenticator
]:
https://support.google.com/accounts/answer/1066447?hl=en
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
