Is there 2FA on Framework Community?

I would like to know if there is 2FA (via TOTP, compatible with Google Authenticator, or hardware security keys, such as YubiKey, Nitrokey, or SoloKey) for users to activate for their respective Framework Community accounts.

Correct me if I’m wrong, but I sort of expected that 2FA would exist here, since it is Discourse and 2FA was available on the Parrot Community forum for Parrot OS. Then again, I am not familiar with Discourse and all of the options available for Discourse administration.

1 Like

Looking at the way Framework Community has been configured, it’s seems to have IdP integration (Google being one of them, the other being frame.work itself). You can use a Google account if you need 2FA, which supports TOTP, YubiKey…etc).

Update: Upon a closer look at the OAuth2 flow with Google, there’s a mention of “andreavassallo@nebulab.it” @nrp, Maybe get a team member to switch that contact over to Framework.

image

Using 2FA via a Google account might be an “ad hoc” solution, though generally a more “native” solution is always better for me.

Then again, I already use a password manager and the “suggested” default rules for random alphanumeric passwords (i.e., A-Z, a-z, and 0-9) with the two preset symbol sets:

#$%&^&`~

and

<*+!?=

are probably enough to reasonably secure a low risk account made just for commenting on Framework Community. I suspect this might be because the same account credentials for Framework Community is also used for the Framework Store account. (When I order a Framework laptop, I’ll just do Guest Checkout.)