Joe Bethersonton Posted November 23, 2018 Share #1 Posted November 23, 2018 I have had a a couple of IPs blocked in my DSM within the last couple of hours, so I was looking into additional security in DSM, and stumpled upon 2-step verification. I use 2FA in other places, so adding it to DSM as well seems like a good idea. The question is, does this feature rely on Synologys server sending out emails or generate the initial code to use in the authentication app? In other words, does this work with XPEnology? Quote Link to comment Share on other sites More sharing options...
bearcat Posted November 29, 2018 Share #2 Posted November 29, 2018 It works. A friend of mine is using it, with no problems in regards to Synology's servers. By the looks of it, it is a "local app" running on you box, that keeps in sync with Google Authenificator, running on your mobile device. The local app generates a "secret key", during setup, that you add to your mobile device, this is the encryption key. Then, based on the date and time, and the common key, both ends update the valid token, that you get on your screen and input to your DSM as login. Quote Link to comment Share on other sites More sharing options...
abced Posted November 29, 2018 Share #3 Posted November 29, 2018 2FA is completely offline thing, there's communication going on between anything. The code you need to input is simply generated from the unix time and secret code provided during the setup process (and since both ends generate code with the same algorithm and from the same values, they also get the same result). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.