Update Advanced Settings UI ref and tutorial articles
This PR updates the AdvancedSettingsScreen.md article and ManageGlobal2FASCALE.md article content about global 2FA, and other minor changes.

This PR can be backported to 24.04
micjohnson777 committed Apr 17, 2024
1 parent 6dcd42e commit 0533c9d
Showing 3 changed files with 16 additions and 52 deletions.
Expand Up @@ -17,7 +17,6 @@ TrueNAS offers global 2FA to ensure that entities cannot use a compromised admin
{{< include file="/static/includes/AdvancedSettingsWarningSCALE.md" >}}

## About SCALE 2FA

To use 2FA, you need a mobile device with the current time and date, and an authenticator app installed.
We recommend Google Authenticator.
You can use other authenticator applications, but you must confirm the settings and QR codes generated in TrueNAS are compatible with your particular app before permanently activating 2FA.
Expand All @@ -31,23 +30,21 @@ Ensure Network Time Protocol (NTP) is functional before enabling two-factor auth
2FA adds an extra layer of security to your system to prevent someone from logging in, even if they have your password.
2FA requires you to verify your identity using a randomized six-digit code that regenerates every 30 seconds (unless modified) to use when you log in.
{{< /expand >}}
### Benefits of 2FA

### Benefits of 2FA
Unauthorized users cannot log in since they do not have the randomized six-digit code.

Authorized employees can securely access systems from any device or location without jeopardizing sensitive information.

Internet access on the TrueNAS system is not required to use 2FA.

### Drawbacks of 2FA

2FA requires an app to generate the 2FA code.

If the 2FA code is not working or users cannot get it, the system is inaccessible through the UI and SSH (if enabled).
You can bypass or [unlock 2FA](#disabling-or-bypassing-2fa) using the CLI.

## Enabling 2FA

{{< hint type=warning >}}
Set up a second 2FA device as a backup before proceeding.
{{< /hint >}}
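Review bot: In the "Drawbacks of 2FA" paragraph, the text says a failing 2FA code leaves the system inaccessible through the UI and SSH and then says "You can bypass or unlock 2FA using the CLI", but it never says how an administrator reaches the CLI in that state. Suggest naming the access path that still works during a lockout, and noting that this path needs its own protection because it bypasses the second factor.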
Expand All @@ -68,7 +65,7 @@ Before you begin, download Google Authenticator to your mobile device.

{{< trueimage src="/images/SCALE/SystemSettings/2FAScreenEnabled.png" alt="2FAScreenEnabled" id="2FA Screen with Enabled Message" >}}

When using Google Authenticator, make sure the **Interval** is set to **30** or the authenticator code might not function when logging in.
When using Google Authenticator, set **Interval** to **30** or the authenticator code might not function when logging in.

3. Click **Show QR** and scan the QR code using Google Authenticator.

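Review bot: The reworded **Interval** sentence still says the code "might not function when logging in" without giving the reason. Suggest stating that the **Interval** value in TrueNAS has to match the period the authenticator app uses to generate codes, which also tells users of other authenticator apps what to verify before enabling 2FA.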
Expand All @@ -78,7 +75,6 @@ Accounts that are already configured with individual 2FA are not prompted for 2F
When **Global 2FA** is enabled, user accounts that have not configured 2FA settings yet are shown the **Two-Factor Authentication** screen on their next login to configure and enable 2FA authentication for that account.

### Disabling or Bypassing 2FA

Go to **System Settings > Advanced**, scroll down to the **Global Two Factor Authentication** widget, and click **Config**. Clear the **Enable Two-Factor Authentication Globally** checkbox and click **Save**.

{{< hint type=note >}}
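Review bot: The step under "Disabling or Bypassing 2FA" does not say what clearing **Enable Two-Factor Authentication Globally** does to accounts that already configured individual 2FA. The paragraph just above treats those accounts separately, so one sentence stating whether they keep their second factor after the global setting is cleared would close the gap.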
Expand All @@ -88,14 +84,12 @@ To unlock 2FA in the SCALE CLI, enter: `auth two_factor update enabled=false`
{{< /hint >}}

### Reactivating 2FA

If you want to enable 2FA again, go to **System Settings > Advanced**, scroll down to the **Global Two Factor Authentication** widget, and click **Config**.

Check **Enable Two Factor Authentication Globally**, then click **Save**.
To change the system-generated **Secret**, go to **Credentials > 2FA** and click **Renew 2FA Secret**.

## Using 2FA to Log in to TrueNAS

Enabling 2FA changes the login process for both the TrueNAS web interface and SSH logins.

### Logging In Using the Web Interface
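Review bot: Under "Reactivating 2FA" the checkbox is written **Enable Two Factor Authentication Globally**, while the Disabling section in the previous hunk writes **Enable Two-Factor Authentication Globally**. Suggest using the exact label shown in the UI in both places. The **Renew 2FA Secret** line could also say whether devices that are already enrolled need to scan a new QR code afterward.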
Expand All @@ -108,7 +102,6 @@ Enter the code from the mobile device (without the space) in the login window an
If you wait too long, a new number code displays in Google Authenticator, so you can retry.

### Logging In Using SSH

1. Confirm that you set **Enable Two-Factor Auth for SSH** in **System Settings > Advanced > Global Two Factor Authentication**.

2. Go to **System Settings > Services** and edit the **SSH** service.