Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-5591

Step up authentication for TOTP uses password field type

        Details

        • Type: Bug
        • Status: Closed
        • Priority: Major
        • Resolution: Fixed
        • Affects Version/s: 5.13.0-b1
        • Fix Version/s: 5.13.0-b2
        • Component/s: Staff Interface
        • Labels:
          None

          Description

          For CORE-5135 we added step up authentication, which prompts for the admin password or their OTP 2FA (If configured) when accessing settings. The field contains the password type for OTP instead of otp.

          Instead of:
          <input type="password" name="password" id="password" class="form-control" tabindex="1" placeholder="Password" autofocus="autofocus">

          Use something like:
          <input
          type="text"
          name="otp"
          id="otp"
          class="form-control"
          inputmode="numeric"
          autocomplete="one-time-code"
          pattern="\d*"
          placeholder="Enter verification code"
          >

            Activity

              People

              • Assignee:
                jonathan Jonathan Reissmueller
                Reporter:
                admin Paul Phillips
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  18/Dec/25

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 9 minutes
                  9m

                    Agile