Dear Community,
is there any chance to configure, that the Privacy IdeaWebsite can only be used with two factors, if a user has a second factor Token in his account active?
Sure, if he lost this token he can not login anymore, I know. But is it possible?
Best, Tobias
Have a look at the login_mode webui policy:
https://privacyidea.readthedocs.io/en/latest/policies/webui.html#login-mode
Hi Plettich.
Could you give me some ligth about your answer?
I mean, could you tell me how -login_mode= “privacyIDEA” works like a second factor?
basically this mode uses privacyIDEA itself to log in. So if You have a user with a token and a pin, she needs these to log into privacyIDEA.
If You have the otppin=userstore policy set, she needs the userstore password and the OTP of the token.
The default for login_mode is userstore, so no OTP will be required to log in.