Get a Quote     (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support Toggle between Light and Dark mode

Two-Factor Auth Screen

  2 minute read.

Last Modified 2022-12-02 16:36 EST

The Two-Factor Auth screen displays settings to configure and enable two-factor authentication (2FA) on TrueNAS SCALE.

Two-factor authentication is time-based and requires a correct system time setting.

User Settings


One Time Password (OTP) DigitsSelect the number of digits for the length of the one-time password (OTP). The default is 6, which is the standard OTP length for Google OTPs. Check your app/device settings before selecting a value.
IntervalEnter the number of seconds for the lifespan of each OTP. Default is 30 seconds. The minimum is 5 seconds.
WindowEnter the number of valid passwords. Extends password validity beyond the Interval setting. For example, 1 means that one password before and after the current password is valid, leaving three valid passwords. Extending the window is useful in high-latency situations.
Enable Two-Factor Auth for SSHSelect to enable 2FA for system SSH access. Leave this disabled until you complete a successful test of 2FA with the UI.

System Generated Settings

Secret (Read-only)TrueNAS creates the secret and uses it to generate OTPs when you first enable 2FA.
Provisioning URI (includes Secret - Read-only)TrueNAS created the URI used to provision an OTP. TrueNAS encodes the URI (which contains the secret) in a QR Code. To set up an OTP app like Google Authenticator, use the app to scan the QR code or enter the secret manually into the app. TrueNAS produces the URI when you first activate 2FA.

Enable Two Factor Authentication opens the Enable Two-Factor Authentication confirmation dialog. Click Confirm to enable 2F.


The enable button changes to Disable Two-Factor Authentication.

Show QR opens a QR code dialog. Scan with a mobile device that has the Google Authenticator app.


Renew Secret changes the system-generated Secret and Provisioning URI values.


The visibility_off icon in the Secret and Provisioning URI fields displays the alphanumeric string. The visibility converts the alphanumeric characters back to asterisks.

Related Content