Mandatory 2FA in Nextcloud 15
Overview/progress board: https://github.com/orgs/nextcloud/projects/17
Specification: Admin 2FA support provider
For Nextcloud 15, we want to have a clean, secure and less error-prone way to help admins in unlocking user accounts where users lost access to one of their second factors. This should make both admins and users happy.
Overview
This will be a new 2FA provider where you have to enter a code (number?) on the second factor page. It will be registered like any other provider and could therefore be used as an alternative (no access to other factors) or singular second factor (2FA enforced, no other login allowed).
The app could be either just enabled by default or enabled on demand (when admins generate a code, disabled after successful code usage).
Admin interface
The admin should have an interface where they can enter a username. If the username is valid, the system shall generate and display a new code. The admin tells the user the code (via an undefined channel, e.g. telephone). Note: The admin does not have to wait for the user to log in.
This could be added to the admin 2FA settings section as well as an occ command (ref #11019).
Open questions
- Should the code be temporary/time-based? Yes -> [Mandatory 2FA] Spec: Admin 2FA support provider #11020 (comment)
- Should admins see users for which codes have been generated? E.g. to delete outdated ones. -> Not necessary if codes expire: [Mandatory 2FA] Spec: Admin 2FA support provider #11020 (comment)
- Should we add an option for admins to send out the code via email? Might make the admin UX better, but could be problematic in terms of security. No -> [Mandatory 2FA] Spec: Admin 2FA support provider #11020 (comment)
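The provider sketched above (admin enters a username, system issues a code, user presents it on the second-factor page), with the open-question answers applied (codes expire, no email delivery), as an added illustrative model in Python. It is not Nextcloud code (Nextcloud itself is PHP); the code length, lifetime, attempt cap and the `AdminSupportProvider` class name are assumptions for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
CODE_DIGITS = 8             # assumption: the spec leaves the code format open ("number?")
CODE_TTL_SECONDS = 15 * 60  # assumption: codes are temporary, the lifetime is not fixed by the spec
MAX_ATTEMPTS = 5            # assumption: cap online guesses against a short numeric code

@dataclass
class IssuedCode:
    code_hash: bytes   # salted hash only; the clear-text code is never stored
    salt: bytes
    expires_at: float
    attempts: int = 0

class AdminSupportProvider:
    def __init__(self, known_users, now):
        self._users = set(known_users)
        self._now = now     # clock callable, injected so that expiry can be tested
        self._codes = {}    # uid -> IssuedCode; a new code replaces an older one

    @staticmethod
    def _hash(code: str, salt: bytes) -> bytes:
        return hashlib.sha256(salt + code.encode()).digest()

    def generate_code(self, uid: str) -> str:
        # Admin action: reject unknown usernames, show the code once to the admin.
        if uid not in self._users:
            raise ValueError("unknown user")
        code = "".join(str(secrets.randbelow(10)) for _ in range(CODE_DIGITS))
        salt = secrets.token_bytes(16)
        self._codes[uid] = IssuedCode(self._hash(code, salt), salt, self._now() + CODE_TTL_SECONDS)
        return code

    def is_active_for(self, uid: str) -> bool:
        # The provider is offered on the second-factor page only while a code is pending.
        issued = self._codes.get(uid)
        return issued is not None and self._now() <= issued.expires_at

    def verify(self, uid: str, candidate: str) -> bool:
        # User action on the second-factor page; the code is consumed on success.
        issued = self._codes.get(uid)
        if issued is None or self._now() > issued.expires_at:
            self._codes.pop(uid, None)
            return False
        issued.attempts += 1
        ok = hmac.compare_digest(self._hash(candidate, issued.salt), issued.code_hash)
        if ok or issued.attempts >= MAX_ATTEMPTS:
            del self._codes[uid]   # single use, or locked out: the admin must issue a new code
        return ok
```

The admin relays the returned code out of band (e.g. by telephone, as the spec says); the server keeps only the salted hash, so a database read does not reveal pending codes.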