This feature enables two-factor authentication over Carbonio CE. From this module you as an admin will be able to set it for a single domain or for all domains in your server.
A TOTP (time-based one time password) secret will be generated for each user on their first login. Users MUST save it and use an App like FreeOTP to get the validation code in order to access their webmail.
To access the module, on the main menu click on Server > 2FA as shown in the image below.
In order to enable the module on your server just click the Enable button.
The Status notice will indicate if it is currently enabled or disabled.
| ⚠ Warning! Proxy will restart after enabling or disabling two-factor authentication on Carbonio CE. It might take a few seconds to see the changes. |
Once the service is enable, you may choose which domains will use 2FA or just select All for all domains. Then click Add.
In case individual domains have 2FA enabled will appear in the summary below:
In any case you will have the posibility to remove and disable 2FA for a domain from the list by clicking the button Remove. Be aware that this action cannot be undone.
Reset TOTP: To remove the secret for a specific user you will need to go back to the main menu and select Users from the list:
Then select the domain the user belongs to and click List Users
All users belonging to the domain are shown on the list; otherwise you can use the search bar to find the user you want; then click the modify icon on the right side of the screen for the choosen account.
Under Misc menu, scroll down to see the Reset button.
Just click on it to have the secret code reset.
See the video below for a practical guide