Recovery would be same as recovering ssh keys. As long as you email root@tilde.club from the email address you signed up with then we would reset it.
And yes it would be an option instead of requiring public key auth (which is harder for many new users)
Thanks
On Feb 26, 2020, at 8:06 AM, turbo@tilde.club wrote:
If 2FA gets switched on, it should either be optional, or there should be a strategy for account recovery (by previously set alt email e.g.). I've been definitely locked out of servers before because of OTP loss or even bugs in 2FA PAM - although that was quite a while ago.
February 26, 2020 8:09 AM, "fosslinux" fosslinux@aussies.space wrote:
On 26/2/20 4:45 am, deepend wrote:
Hey ~clubbers. I know some people are not fans of public key authentication. So here is a poll I’d like to see if we can improve things since password only auth will not be returning.
http://www.strawpoll.me/19445663
Look forward to the result :)
I am of the opinion that extra authentication methods are certainly viable and a great idea, but only if they do not come to the cost of security. 2FA + password is fine, IMO.
(Also everyone please note that it is not restricted to Google Autenticator... everything Google Authenticator can do can be done by other apps like Authy or Yubico Authenticator if you have a YubiKey).