egg82 edited this page Jun 19, 2019 · 11 revisions

This page is all about learning to use 2FA+. Here we will discuss the different methods 2FA+ uses and how to make the plugin work for you, your players, and your staff.

Authy

In order to use Authy, you must first configure the plugin to use it, then either reload the plugin or restart the server. Once that's done, you'll want to download the Authy app and set yourself up with an Authy account.

New account

Finally, all you need to do is run 2faplus register authy to register your phone number with the plugin's Authy system (try 2faplus help for more information on that command and its usage). Your device will get a notification about the new registration, and you should see it appear on the Authy app's home screen.

The Authy app will generate new codes periodically. When you log in or use a command, just use whatever code happens to be on your device's screen at that time.

You will need to repeat these steps for everyone who wishes to use Authy.

HOTP/TOTP with app

You may wish to configure OTP before proceeding. While optional, it is recommended. If you do, either reload the plugin or restart the server when finished.

The real difference between TOTP and HOTP is how the codes are generated.

TOTP is time-based, which means every so often you'll get a new code generated on your app for you. Apps usually have a timer of some sort to indicate when it's about to roll over to a new code.

HOTP is counter-based, which means you'll get a new code each time you use one. This can mean your codes get "out of sync", but that's easy to fix with the command hotp seek.

As far as apps go, there are many. Just search for "two-factor authentication app" on Google and you're likely to find something.

New account

All you really need to do for these is run 2faplus register totp or 2faplus register hotp depending on your preference. TOTP is more common, but HOTP can be useful for hardware keys and legacy applications.

If you're currently logged into the server and have free space in your inventory, 2FA+ will add a map to your hand with a QR code on it. With most apps, all you need to do is hold the map and point your device at the screen. The app will automatically add 2FA+ into its system.

If, for whatever reason, you don't have access to the map, 2FA+ will also give you a key in chat when you register. Most apps have a "manual activation" option or something similar. Give the new entry a "service" and "account" name of your choice, and type the key in exactly as the system gave it to you. You're done!

Keep the map and key secret, as anyone with either of those items can use them to authenticate as you.

Your app will either generate new codes periodically, or generate a new one whenever you copy a code (depending on TOTP or HOTP choice respectively). When you log in or use a command, just use whatever code happens to be on your device's screen at that time.

HOTP with hardware key

Hardware keys are complicated (as they're very low-level and intended to be) but you can get 2FA+ to work with one if you do a little tweaking to the HOTP key the plugin gives you. Let's walk through this step-by-step.

You'll have to go to Cryptii for this one.

HOTP syncing

Because HOTP is counter-based, both the client and the server have to have the same "counter" value for the system to work. 2FA+ tries to make small adjustments to its own value if it sees something's off, but if you get too far ahead then none of your codes will work.

In this instance, just run hotp seek and 2FA+ will ask you for the next 3-4 codes from your app. Once you submit those, it'll try to re-synchronize itself with your app. This is successful in 99% of cases. If you're still having issues, just re-register yourself.
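
The counter drift and re-synchronization described above, as an added example (not the plugin's own code). It implements standard RFC 4226 HOTP; the function names, the look-ahead window of 3 and the search range of 1000 are assumptions chosen for illustration, and the key is the RFC's published test secret.

```python
import hashlib
import hmac
import struct

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(key: bytes, server_counter: int, code: str, window: int = 3):
    """Accept a code within a small look-ahead window (the "small adjustments").
    Returns the new server counter, or None if the code is rejected."""
    for c in range(server_counter, server_counter + window + 1):
        if hmac.compare_digest(hotp(key, c), code):
            return c + 1  # move past the used counter so the code cannot be replayed
    return None

def seek(key: bytes, server_counter: int, codes: list, search: int = 1000):
    """Resync from several consecutive codes. Requiring a run of codes lets the
    server search far ahead without making one guessed code likelier to pass."""
    for start in range(server_counter, server_counter + search):
        if all(hmac.compare_digest(hotp(key, start + i), code)
               for i, code in enumerate(codes)):
            return start + len(codes)
    return None

# Constructed sample: RFC 4226 test secret; the app has generated 7 unused codes.
KEY = b"12345678901234567890"
APP_COUNTER = 7

def demo():
    server = 0
    drifted = verify(KEY, server, hotp(KEY, APP_COUNTER))  # outside the window
    next_codes = [hotp(KEY, APP_COUNTER + i) for i in range(3)]
    resynced = seek(KEY, server, next_codes)               # server catches up
    after = verify(KEY, resynced, hotp(KEY, APP_COUNTER + 3))
    return drifted, resynced, after

if __name__ == "__main__":
    print(demo())
```

A wider look-ahead window tolerates more drift but gives an attacker more valid codes to guess at once, which is why the far-ahead search is reserved for the multi-code seek.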