Expose TOTP provisioning code for manual entry #6114

Closed
garyemiller opened this issue Jun 27, 2019 · 5 comments · Fixed by #6119
Labels
UX/UI design, user experience, user interface

Comments

@garyemiller

I use the command line tool "oathtool" for my 2FA. But your 2FA enrollment page only shows a QR code. How do I get the key for oathtool use?

@nlhkabu nlhkabu changed the title How to get the 2FA key? Expose TOTP provisioning code for manual entry Jun 28, 2019
@nlhkabu nlhkabu added this to the OTF Security work milestone Jun 28, 2019
@nlhkabu nlhkabu added the UX/UI design, user experience, user interface label Jun 28, 2019
@nlhkabu
Contributor

nlhkabu commented Jun 28, 2019

Hi @garyemiller thanks for opening this ticket.

Currently we don't expose this information in the user interface, but we can take a look into this.

@woodruffw I assume we can simply output this information on the provisioning page? If you want to make a PR adding this to the template, I can style it.

@woodruffw
Member

woodruffw commented Jun 28, 2019

> I assume we can simply output this information on the provisioning page? If you want to make a PR adding this to the template, I can style it.

Yep, should be as simple as that. I'll open a PR in a bit.

Edit: An idea: we might want to expose this as a clipboard action. @nlhkabu would that be possible?

@garyemiller
Author

@woodruffw: without testing it, your pull request looks good to me.

Everybody note that GitHub, this system we are on now, does expose the TOTP key. It also goes further and gives the user 10 backup codes. Just be sure there is some recovery method that does not suck.

@di
Member

di commented Jun 28, 2019

@garyemiller Please also note that GitHub is also a large for-profit company that is worth several billion dollars. PyPI is an entirely volunteer-staffed project, with the exception of the occasional contractor hired by various grants we are awarded.

As such, I'd like to ask you to improve your tone on this issue tracker: everyone here is working very hard to provide something "that does not suck". We're aware that folks would like to have recovery codes (see #5800), however we don't have the funding to add this in the current scope of work, and haven't had a volunteer with the time to add the feature either.

@garyemiller
Author

@di: Way ahead of you. That is why I made it a "please note", not an issue or an RFE.

You also misunderstood my comment about "does not suck". I did not mean to imply anything about anybody or anyone's work to date. Chill.

I also work on many 100% volunteer FOSS projects and as such feel your pain.
