Wiki
Clone wikifonzobot-discord / 2FA
Two-Factor Authentication (2FA)
I support two-factor authentication. Yep--that's right, I'm nifty ain't I? :)
Most standard 2FA Authenticator applications will do.
Usage
-
Get a working Authenticator app.
-
You need to have a registered user account:
!user register
. -
Generate a 2FA key:
!2fa generate
.-
Configure your Authenticator with the provided QR code.
-
Verify it's working and enable 2FA: send me a PM with a working token. For example:
!2fa 123456
.
-
-
Any transaction above a user-configurable threshold will require additional 2FA authorisation. If you don't have a registered User account or haven't defined a threshold, it will be 0: all transactions will require 2FA.
- Example: set a threshold of 10 EGC:
!user set tfa_limit 10
, any operations>=
greater than or equal to 10 EGC will require 2FA.
- Example: set a threshold of 10 EGC:
-
Always use this trigger in a private message with me. Don't be that guy.
-
Authorize with the
!2fa
trigger:
!2fa 123456
Technical Mumbo-Jumbo
I'm using an implementation of TOTP (RFC 6238) (the Authenticator standard), which is based on HOTP (RFC 4226) to provide codes that are 100% compatible with all other Authenticator apps and services that use them.
Trigger Commands
!2fa <code>
Authenticate with <code>
, the numerical token that your Authenticator app spits out.
-
On success, your session will be valid for a period of time.
-
For security, you cannot authenticate new tokens while you have an active session.
!2fa generate
Generate a new 2FA secret key.
-
If 2FA is enabled, you will need 2FA authentication to
generate
. -
If your key is compromised,
generate
a new key and verify it straight away. -
If you lose access, there may be nothing that can be done, but try contacting
!support
.
!2fa qr
Display your secret QR code. If you need to (re)add to an Authenticator app, use this command.
- If 2FA is enabled, you will need 2FA authentication to run
qr
.
Updated