You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@guacamole.apache.org by "Frans Rampen (Jira)" <ji...@apache.org> on 2020/09/03 12:04:00 UTC

[jira] [Commented] (GUACAMOLE-770) Allow for clearing TOTP Data in Admin Interface

    [ https://issues.apache.org/jira/browse/GUACAMOLE-770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17190082#comment-17190082 ] 

Frans Rampen commented on GUACAMOLE-770:
----------------------------------------

Is there any progress regarding this request?

In the meantime; does anyone know how to get the Id from the username?

> Allow for clearing TOTP Data in Admin Interface
> -----------------------------------------------
>
>                 Key: GUACAMOLE-770
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-770
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole-auth-totp
>            Reporter: Nick Couchman
>            Assignee: Nick Couchman
>            Priority: Minor
>
> Currently the TOTP attributes for a particular user are completely hidden from the Administrative interface, even to admin-level users.  While hiding this data is sound security practice - there is no reason why any user, including an admin, within Guacamole would need to actually see the "key material" for the TOTP token, it might be nice to come up with some way to allow that data to be cleared from within the Admin UI such that a user's TOTP status could be "reset," allowing that user to re-enroll.  I'm not sure this is really possible with any of the current field types, but I'm thinking perhaps there is some sort of new field type within Guacamole that could be generated, perhaps specific to the TOTP module, that would allow for clearing out this data.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)