Get a Quote     (408) 943-4100   TrueNAS Discord VendOp_Icon_15x15px Commercial Support
TrueNAS.com Software Systems Company Community Security iX Portal Download
TrueNAS CORE TrueNAS Enterprise TrueNAS SCALE TrueCommand Compare Editions Software Status FreeNAS
Compare Systems M-Series X-Series R-Series Mini Series
Contact Us iXsystems Careers Clients Reviews
TrueNAS GitHub Community Forum Discord TrueNAS Merch Store
Application Backup and Archival Cloud Media Workflows Video Surveillance Virtualization
Industry Education Government Healthcare Research / AI / ML Media & Entertainment
Enterprise Support Community Support Documentation TrueNAS Security FAQ iX Blog TrueNAS Blog
Case Studies White Papers Solution Briefs iX Portal Plugins & Apps ZFS Videos
Download TrueNAS CORE Download TrueNAS SCALE Get TrueNAS Enterprise Where to Buy
  1. TrueNAS SCALE 22.12 (Archived)
  2. /
  3. UI Reference Guide
  4. /
  5. Credentials
  6. /
  7. Two-Factor Auth Screen
Edit page
TrueNAS SCALETrueNAS SCALE Documentation Archive
This content follows the TrueNAS SCALE 22.12 (Bluefin) releases. Archival documentation is provided for reference only and not actively maintained.
Use the Product and Version selectors above to view content specific to different TrueNAS software or major version.

Two-Factor Auth Screen

  2 minute read.

Last Modified 2023-08-31 13:31 EDT

The Two-Factor Auth screen displays settings to configure and enable two-factor authentication (2FA) on TrueNAS SCALE.

Two-factor authentication is time-based and requires a correct system time setting.

User Settings

Enable2FAScreen

NameDescription
One Time Password (OTP) DigitsSelect the number of digits for the length of the one-time password (OTP). The default is 6, which is the standard OTP length for Google OTPs. Check your app/device settings before selecting a value.
IntervalEnter the number of seconds for the lifespan of each OTP. Default is 30 seconds. The minimum is 5 seconds.
WindowEnter the number of valid passwords. Extends password validity beyond the Interval setting. For example, 1 means that one password before and after the current password is valid, leaving three valid passwords. Extending the window is useful in high-latency situations.
Enable Two-Factor Auth for SSHSelect to enable 2FA for system SSH access. Leave this disabled until you complete a successful test of 2FA with the UI.

System Generated Settings

NameDescription
Secret (Read-only)TrueNAS creates the secret and uses it to generate OTPs when you first enable 2FA.
Provisioning URI (includes Secret - Read-only)TrueNAS created the URI used to provision an OTP. TrueNAS encodes the URI (which contains the secret) in a QR Code. To set up an OTP app like Google Authenticator, use the app to scan the QR code or enter the secret manually into the app. TrueNAS produces the URI when you first activate 2FA.

Enable Two Factor Authentication opens the Enable Two-Factor Authentication confirmation dialog. Click Confirm to enable 2F.

Enable2FAConfirmationDialog

The enable button changes to Disable Two-Factor Authentication.

Show QR opens a QR code dialog. Scan with a mobile device that has the Google Authenticator app.

2FAQRCodeDialog

Renew Secret changes the system-generated Secret and Provisioning URI values.

2FARenewSecretDialog

The visibility_off icon in the Secret and Provisioning URI fields displays the alphanumeric string. The visibility converts the alphanumeric characters back to asterisks.

Related Content

Have more questions or want to discuss your specific configuration? For further discussion or assistance, see these resources:

Found content that needs an update? You can suggest content changes directly! To request changes to this content, click the Feedback button located on the middle-right side of the page (might require disabling ad blocking plugins).