[
https://issues.apache.org/jira/browse/GUACAMOLE-770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17090691#comment-17090691
]
Nick Couchman commented on GUACAMOLE-770:
-----------------------------------------
[~sporeno]: Yes, this would be limited to admin users, although it is possible
at this point for users who have access to update their own accounts to wipe
out their own TOTP information.
> Allow for clearing TOTP Data in Admin Interface
> -----------------------------------------------
>
> Key: GUACAMOLE-770
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-770
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-auth-totp
> Reporter: Nick Couchman
> Assignee: Nick Couchman
> Priority: Minor
>
> Currently the TOTP attributes for a particular user are completely hidden
> from the Administrative interface, even to admin-level users. While hiding
> this data is sound security practice - there is no reason why any user,
> including an admin, within Guacamole would need to actually see the "key
> material" for the TOTP token, it might be nice to come up with some way to
> allow that data to be cleared from within the Admin UI such that a user's
> TOTP status could be "reset," allowing that user to re-enroll. I'm not sure
> this is really possible with any of the current field types, but I'm thinking
> perhaps there is some sort of new field type within Guacamole that could be
> generated, perhaps specific to the TOTP module, that would allow for clearing
> out this data.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
