Twofactor Authentication

Das Projekt GSManager (vormals ManuAdminMod) wurde am 01.01.2020 eingestellt - diese Internetpräsenz bleibt verfügbar, die Software wird aber nicht länger gepflegt. Vielen Dank für eure Unterstützung in den mehr als zehn vergangenen Jahren!

Sie betrachten gerade eine ältere Version des Eintrags. Klicken Sie hier, um zur aktuellen Version zu gelangen.

  • Enables a second authentication step after the default GUID auth. This is handy for games where GUID spoofing is possible (e.g. Call of Duty)

    [u][size=14]Prerequisites[/size][/u] [tt]twofactorauth.enabled[/tt] set to [tt]true[/tt] in [tt]config/basics.json[/tt]. An authenticator which implements [url='http://tools.ietf.org/html/rfc6238']IETF RFC 6238[/url]. See Appendix 1 for possible suggestions. [u][size=14]Usage[/size][/u] Set up your authenticator with your personal secret. You can find your secret in [tt]config/users.json[/tt]. To show the secret of others you can use [tt]!secret NAME [/tt] (for online players) or [tt]!secret GUID [/tt] is the 8 character version of the GUID After joining the server you will have to authenticate yourself using the temporary password given by the authenticator. For Example: [tt]!login 162534[/tt] [u][size=14]Examples[/size][/u] [u][size=12]Setting up your authenticator[/size][/u] Example secret used: [tt]2CB4SVARUIHVJ64J[/tt] (You have to replace this with your own secret if you follow this guide) [b][u]GAuth [1]:[/u][/b] [spoiler] click the edit icon and then the [b]Add[/b] button [img='https://ptpb.pw/2-Mw.png',none,319][/img] Give it a sensible [b]Account name[/b] and input your secret in the Secret key field and click the [b]Add[/b] button [img='https://ptpb.pw/lAQz.png',none,321][/img] If you want u can delete the example [url='https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=alice@google.com']alice@google.com[/url] account by clicking the [b]X[/b] next to it. It will look something like this: [img='https://ptpb.pw/vZQV.png',none,322][/img] The 6 digit number is your temporary password which you need for the [tt]!login 490186[/tt] command on the server. In the top right corner you will see the timer how long the password will be valid (there is about a 30 seconds padding before and after the timer to count for not perfectly synced clocks and slow input). [/spoiler] [u][size=14]Appendix 1: List of authenticators[/size][/u] [1] GAuth: Web based authenticator [url]http://gauth.apps.gbraad.nl/[/url] (also available as [url='https://build.phonegap.com/apps/135419/']Phone APP[/url] and [url='https://marketplace.mozilla.org/app/gauth/']Webapp[/url]) [2] Google Authenticator: Phone App for [url='https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2']Android[/url], [url='https://itunes.apple.com/en/app/google-authenticator/id388497605?mt=8']iOS[/url] and [url='http://m.google.com/authenticator']Blackberry[/url] (open with your phone) [3] FreeOTP: Open Source alternative to Google Authenticator. Available for [url='https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp']Android[/url] and [url='https://itunes.apple.com/us/app/freeotp/id872559395']iOS[/url] [4] WinAuth: Open Source authenticator for Windows: [url]https://winauth.com/[/url] for more see: [url]https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm#Client_implementations[/url]