Allow clients (administrators) and their users the ability to enable 2FA.

Hi there team, yet another feature request we have that would improve the experience for Webmin. We noticed that when enabling 2FA, only super administrators can enable 2FA for other users' accounts. Instead of having to manually assign our clients their 2FA credentials, there should be a way for them to enable 2FA both in Webmin and Usermin as well as the users they add to their virtual servers, or cloudmin instances. In addition, it would great if Webmin can generate backup codes the user can use incase they loose their 2FA credentials. Looking forward to seeing these new features in a next release! We think this would benefit many users who depend on Webmin and need to offer these security features to their clients (2FA is quickly becoming a standard with all hosted services).

Status: 
Active

Comments

Ilia's picture
Submitted by Ilia on Sat, 03/28/2020 - 06:09

Assigned: Unassigned ยป

Hi,

Thanks for your ideas. I will pass this to Jamie for a review.

In addition, it would great if Webmin can generate backup codes the user can use in-case they loose their 2FA credentials

That is less likely, as not easily doable, and in that case they could always reach out to master administrator.

Self-enrollment for 2FA is on our todo list, but it's unlikely we'll add support for backup codes soon.