[docs] Enteception (#1408)
Add FAQ about storing Ente 2FA in Ente Auth.
This commit is contained in:
commit
6079ebbc05
|
@ -139,7 +139,17 @@ export const sidebar = [
|
|||
text: "Auth",
|
||||
items: [
|
||||
{ text: "Introduction", link: "/auth/" },
|
||||
{ text: "FAQ", link: "/auth/faq/" },
|
||||
{
|
||||
text: "FAQ",
|
||||
collapsed: true,
|
||||
items: [
|
||||
{ text: "General", link: "/auth/faq/" },
|
||||
{
|
||||
text: "Enteception",
|
||||
link: "/auth/faq/enteception/",
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
text: "Migration",
|
||||
collapsed: true,
|
||||
|
|
51
docs/docs/auth/faq/enteception/index.md
Normal file
51
docs/docs/auth/faq/enteception/index.md
Normal file
|
@ -0,0 +1,51 @@
|
|||
---
|
||||
title: Enteception
|
||||
description: Using Ente Auth to store 2FA for your Ente account
|
||||
---
|
||||
|
||||
# Enteception
|
||||
|
||||
Your 2FA codes are in Ente Auth, but if you enable 2FA for your Ente account
|
||||
itself, where should the 2FA for your Ente account be stored?
|
||||
|
||||
There are multiple answers, none of which are better or worse, they just depend
|
||||
on your situation and risk tolerance.
|
||||
|
||||
If you are using the same account for both Ente Photos and Ente Auth and have
|
||||
enabled 2FA from the ente Photos app, we recommend that you ensure you store
|
||||
your recovery key in a safe place (writing it down on a paper is a good idea).
|
||||
This key can be used to bypass Ente 2FA in case you are locked out.
|
||||
|
||||
Another option is to use a separate account for Ente Auth.
|
||||
|
||||
Also, taking exporting the encrypted backup is also another good way to reduce
|
||||
the risk (you can easily import the encrypted backup without signing in).
|
||||
|
||||
Finally, we have on our roadmap some features like adding support for
|
||||
emergency/legacy-contacts, passkeys, and hardware security keys. Beyond other
|
||||
benefits, all of these would further reduce the risk of users getting locked out
|
||||
of their accounts.
|
||||
|
||||
## Email verification for Ente Auth
|
||||
|
||||
There is a related ouroboros scenario where if email verification is enabled in
|
||||
the Ente Auth app _and_ the 2FA for your email provider is stored in Ente Auth,
|
||||
then you might need a code from your email to log into Ente Auth, but to log
|
||||
into your email you needed the Auth code.
|
||||
|
||||
To prevent people from accidentally locking themselves out this way, email
|
||||
verification is disabled by default in the auth app. We also try to show a
|
||||
warning when you try to enable email verification in the auth app:
|
||||
|
||||
<div align="center">
|
||||
|
||||
![Warning shown when enabling 2FA in Ente Auth](warning.png){width=400px}
|
||||
|
||||
</div>
|
||||
|
||||
The solution here are the same as the Ente-in-Ente case.
|
||||
|
||||
## TL;DR;
|
||||
|
||||
Ideally, you should **note down your recovery key in a safe place (may be on a
|
||||
paper)**, using which you will be able to by-pass the two factor.
|
BIN
docs/docs/auth/faq/enteception/warning.png
Normal file
BIN
docs/docs/auth/faq/enteception/warning.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 516 KiB |
|
@ -33,15 +33,20 @@ You can enable FaceID lock under Settings → Security → Lockscreen.
|
|||
Please verify that the time on both your mobile and desktop is same.
|
||||
|
||||
### Does ente Authenticator require an account?
|
||||
Answer: No, ente Authenticator does not require an account. You can choose to use the app without backups if you prefer.
|
||||
|
||||
### Can I use the Ente 2FA app on multiple devices and sync them?
|
||||
Answer: No, ente Authenticator does not require an account. You can choose to
|
||||
use the app without backups if you prefer.
|
||||
|
||||
Yes, you can download the Ente app on multiple devices and sync the codes, end-to-end encrypted.
|
||||
### Can I use the Ente 2FA app on multiple devices and sync them?
|
||||
|
||||
Yes, you can download the Ente app on multiple devices and sync the codes,
|
||||
end-to-end encrypted.
|
||||
|
||||
### What does it mean when I receive a message saying my current device is not powerful enough to verify my password?
|
||||
|
||||
This means that the parameters that were used to derive your master-key on your original device, are incompatible with your current device (likely because it's less powerful).
|
||||
|
||||
If you recover your account via your current device and reset the password, it will re-generate a key that will be compatible on both devices.
|
||||
This means that the parameters that were used to derive your master-key on your
|
||||
original device, are incompatible with your current device (likely because it's
|
||||
less powerful).
|
||||
|
||||
If you recover your account via your current device and reset the password, it
|
||||
will re-generate a key that will be compatible on both devices.
|
||||
|
|
|
@ -110,11 +110,12 @@ or "dog playing at the beach".
|
|||
Check the sections within the upload progress bar for "Failed Uploads," "Ignored
|
||||
Uploads," and "Unsuccessful Uploads."
|
||||
|
||||
## How do i keep NAS and Ente photos synced?
|
||||
## How do i keep NAS and Ente photos synced?
|
||||
|
||||
Please try using our CLI to pull data into your NAS https://github.com/ente-io/ente/tree/main/cli#readme .
|
||||
Please try using our CLI to pull data into your NAS
|
||||
https://github.com/ente-io/ente/tree/main/cli#readme .
|
||||
|
||||
## Is there a way to view all albums on the map view?
|
||||
|
||||
Currently, the Ente mobile app allows you to see a map view of all the albums by clicking on "Your map" under "Locations" on the search screen.
|
||||
|
||||
Currently, the Ente mobile app allows you to see a map view of all the albums by
|
||||
clicking on "Your map" under "Locations" on the search screen.
|
||||
|
|
|
@ -81,7 +81,9 @@ and is never sent to our servers.
|
|||
Please note that only users on the paid plan are allowed to share albums. The
|
||||
receiver just needs a free Ente account.
|
||||
|
||||
|
||||
## Has the Ente Photos app been audited by a credible source?
|
||||
|
||||
Yes, Ente Photos has undergone a thorough security audit conducted by Cure53, in collaboration with Symbolic Software. Cure53 is a prominent German cybersecurity firm, while Symbolic Software specializes in applied cryptography. Please find the full report here: https://ente.io/blog/cryptography-audit/
|
||||
Yes, Ente Photos has undergone a thorough security audit conducted by Cure53, in
|
||||
collaboration with Symbolic Software. Cure53 is a prominent German cybersecurity
|
||||
firm, while Symbolic Software specializes in applied cryptography. Please find
|
||||
the full report here: https://ente.io/blog/cryptography-audit/
|
||||
|
|
|
@ -64,6 +64,6 @@ data reflects the latest album states with new files, moves, and deletions.
|
|||
If you run into any issues during your data export, please reach out to
|
||||
[support@ente.io](mailto:support@ente.io) and we will be happy to help you!
|
||||
|
||||
Note that we also provide a [CLI
|
||||
tool](https://github.com/ente-io/ente/tree/main/cli#export) to export your data.
|
||||
Please find more details [here](/photos/faq/export).
|
||||
Note that we also provide a
|
||||
[CLI tool](https://github.com/ente-io/ente/tree/main/cli#export) to export your
|
||||
data. Please find more details [here](/photos/faq/export).
|
||||
|
|
Loading…
Reference in a new issue