On 9/21/2023 10:37 AM, Eduardo da Silva Antonio wrote:
Hello, good morning/afternoon/evening, everyone!
I have implemented Guacamole at my company, and for testing purposes I
ended up using my personal phone for the guacadmin's TOTP, which isn't
ideal.
At this point, many people are already using it and it would cause some
troubles if I were to just reset the extension and thus reset everyones
tokens, so I wonder if it would be possible for me to reset the
guacadmin's TOTP and add it to another phone without causing everyone to
lose theirs too.
Another administrator would have to do this, but yes. If you log in as
an admin that *isn't* guacadmin, that admin will be able to reset
guacadmin's TOTP from within the user editor.
The mechanism you're concerned about (resetting everyone's TOTP at once)
does not exist in the TOTP support. There is no way to do that, even if
you wanted to, unless you went into the database and manually ran some
SQL to delete all user attributes containing TOTP keys.
- Mike
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
