Is there 2FA on Framework Community?

I would like to know if there is 2FA (via TOTP, compatible with Google Authenticator, or hardware security keys, such as YubiKey, Nitrokey, or SoloKey) for users to activate for their respective Framework Community accounts.

Correct me if I’m wrong, but I sort of expected that 2FA would exist here, since it is Discourse and 2FA was available on the Parrot Community forum for Parrot OS. Then again, I am not familiar with Discourse and all of the options available for Discourse administration.

2 Likes

Using 2FA via a Google account might be an “ad hoc” solution, though generally a more “native” solution is always better for me.

Then again, I already use a password manager and the “suggested” default rules for random alphanumeric passwords (i.e., A-Z, a-z, and 0-9) with the two preset symbol sets:

#$%&^&`~

and

<*+!?=

are probably enough to reasonably secure a low risk account made just for commenting on Framework Community. I suspect this might be because the same account credentials for Framework Community is also used for the Framework Store account. (When I order a Framework laptop, I’ll just do Guest Checkout.)

@buzz_recount, Discourse indeed supports TOTP 2FA, and by default. Consequently, it has been explicitly disabled by the administrator(s):

This is presumably due to its LDAP integration, but I consider it unacceptable, irrespectively.