Skip to content

MFA Authentication⚓︎

Prompt

  • MFA:Multi Factor Authentication

1 Enable MFA⚓︎

  • IF MFA is Enable, you can specify multi-factor authentication (MFA) when creating or updating a user.
  • In the case of Force Users to Enable, you can force-enable multi-factor authentication (MFA) by clicking on the user details in the 'web' - 'User Management' - 'User List'.
  • In the case of Global Enable, go to 'web' - 'System Settings' - 'Security Settings' and check Multi-Factor Authentication (MFA) (once enabled, all users will be forced to use MFA and cannot manually disable it).

Recommended settings

  • All administrators should mandatorily enable multi-factor authentication.
  • During actual use, enabling global MFA is recommended to enhance security.

2. Disable MFA⚓︎

  • MFA users who are enabled normally can close it themselves.
  • Mandatory MFA requires an administrator to close it.
  • Enabling MFA globally cannot be turned off. You must first disable MFA globally in 'System Settings' - 'Security Settings'.

3. Reset MFA⚓︎

  • Administrators can reset the multi factor authentication of the user in other user details. Click on the User Name in the Web - User List to see the user details.
  • If the administrator unable to obtain authorization code of MFA , it can be reset through the console.

docker exec -it jms_core /bin/bash
cd /opt/jumpserver/apps
python manage.py shell

from users.models import User
u = User.objects.get(username='admin')
u.mfa_level='0'
u.otp_secret_key=''
u.save()