Twofactor Authentication

  • Enables a second authentication step after the default GUID auth. This is handy for games where GUID spoofing is possible (e.g. Call of Duty)

    Prerequisites


    twofactorauth.enabled set to true in config/basics.json.
    An authenticator which implements IETF RFC 6238. See Appendix 1 for possible suggestions.


    Usage


    Set up your authenticator with your personal secret. You can find your secret in config/users.json.
    To show the secret of others you can use !secret NAME <name or pid> (for online players) or !secret GUID <guid> <guid> is the 8 character version of the GUID


    After joining the server you will have to authenticate yourself using the temporary password given by the authenticator.
    For Example: !login 162534


    Examples


    Setting up your authenticator


    Example secret used: 2CB4SVARUIHVJ64J (You have to replace this with your own secret if you follow this guide)


    GAuth [1]:



    Appendix 1: List of authenticators


    [1] GAuth: Web based authenticator http://gauth.apps.gbraad.nl/ (also available as Phone APP and Webapp)
    [2] Google Authenticator: Phone App for Android, iOS and Blackberry (open with your phone)
    [3] FreeOTP: Open Source alternative to Google Authenticator. Available for Android and iOS
    [4] WinAuth: Open Source authenticator for Windows: https://winauth.com/


    for more see: https://en.wikipedia.org/wiki/…hm#Client_implementations