I’ve tried to enable 2FA but my authenticator app of choice Authy seems to have a problem with the displayed QR-Code.
Is this “just an Authy problem” and it’ll work with other authenticators?
If so, is there any chance that it’ll get accessible for Authy users?
CMK version: 2.1.0p20 OS version: Check_MK rack1 Mark III - Version: 1.5.4
sorry but I can’t really follow you here. Checkmk 2.1 is supporting 2FA with the webauthn standard.
So my question is how do your even get a QR code? If I try to setup 2FA in Checkmk I can only use a webauthn capable device like my yubikey.
Or do you mean 2FA in the forum using a QR Code?
It would help if you could clarify your problem a bit more. You can even add a screenshot if you want.
let me clarify with screenshots.
Below is the path, how I get the QR-Code from out CheckMK instance.
Since we don’t use yubikey in the company we rely on apps like Authy, Google Authenticator and so on for 2FA/MFA. Whatever, is personal preference.
While trying to scan the QR-Code from the last picture, Authy shows the error message :“Format not supportet - Please try again”
I’ve also tried to use the Google Authenticator but that one doesn’t even recognized the QR-Code.
That got me thinking. Do I totally misunderstand CheckMKs 2FA system here? Or is there an error with the generated QR-Code?
the QR code you get there is a passkey for the WebAuthn Standard. It’s not a TOTP QR code. Authy only supports TOTP codes.
The “passkeys” you get there is a cryptographic “password”. Normally you use a hardware token for it. Here you can read more about Passkeys: Passkeys (Passkey Authentication)
That means: Authy cannot support this type of 2FA.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.