Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-5591

Step up authentication for TOTP uses password field type

        Details

        • Type: Bug
        • Status: Open
        • Priority: Major
        • Resolution: Unresolved
        • Affects Version/s: 5.13.0-b1
        • Fix Version/s: 5.13.0-b2
        • Component/s: Staff Interface
        • Labels:
          None

          Description

          For CORE-5135 we added step up authentication, which prompts for the admin password or their OTP 2FA (If configured) when accessing settings. The field contains the password type for OTP instead of otp.

          Instead of:
          <input type="password" name="password" id="password" class="form-control" tabindex="1" placeholder="Password" autofocus="autofocus">

          Use something like:
          <input
          type="text"
          name="otp"
          id="otp"
          class="form-control"
          inputmode="numeric"
          autocomplete="one-time-code"
          pattern="\d*"
          placeholder="Enter verification code"
          >

            Activity

            Ascending order - Click to sort in descending order
            admin Paul Phillips created issue -
            admin Paul Phillips made changes -
            Field Original Value New Value
            Sprint 5.14.0 Sprint 1 [ 222 ]
            admin Paul Phillips made changes -
            Rank Ranked higher

              People

              • Assignee:
                Unassigned
                Reporter:
                admin Paul Phillips
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Agile