summaryrefslogtreecommitdiff
path: root/doc/en
diff options
context:
space:
mode:
authorSébastien Helleu <flashcode@flashtux.org>2018-11-04 14:26:59 +0100
committerSébastien Helleu <flashcode@flashtux.org>2018-11-04 14:50:53 +0100
commit738535e7f628d9b4a26cccc8b598e07e63ac1123 (patch)
treebbc7de232fb6bf78f72ce82a4ac5a4a6200a88c7 /doc/en
parentf02fc06dd05310c8d97410bbb00c120b47f885ee (diff)
downloadweechat-738535e7f628d9b4a26cccc8b598e07e63ac1123.zip
relay: add support of Time-based One-Time Password (TOTP) as second authentication factor in weechat protocol
Diffstat (limited to 'doc/en')
-rw-r--r--doc/en/weechat_relay_protocol.en.adoc11
-rw-r--r--doc/en/weechat_user.en.adoc28
2 files changed, 37 insertions, 2 deletions
diff --git a/doc/en/weechat_relay_protocol.en.adoc b/doc/en/weechat_relay_protocol.en.adoc
index afe0a0c1a..ac6999471 100644
--- a/doc/en/weechat_relay_protocol.en.adoc
+++ b/doc/en/weechat_relay_protocol.en.adoc
@@ -114,8 +114,12 @@ init [<option>=<value>,[<option>=<value>,...]]
Arguments:
* _option_: one of following options:
-** _password_: password used to authenticate on _relay_ (option
- _relay.network.password_ in WeeChat)
+** _password_: password used to authenticate on _relay_
+ (option _relay.network.password_ in WeeChat)
+** _totp_: Time-based One-Time Password (TOTP) used as secondary authentication
+ factor, in addition to the password
+ (option _relay.network.totp_secret_ in WeeChat)
+ _(WeeChat ≥ 2.4)_
** _compression_: compression type:
*** _zlib_: enable _zlib_ compression for messages sent by _relay_
(enabled by default if _relay_ supports _zlib_ compression)
@@ -134,6 +138,9 @@ init password=mypass
# initialize with commas in the password (WeeChat ≥ 1.6)
init password=mypass\,with\,commas
+# initialize with password and TOTP (WeeChat ≥ 2.4)
+init password=mypass,totp=123456
+
# initialize and disable compression
init password=mypass,compression=off
----
diff --git a/doc/en/weechat_user.en.adoc b/doc/en/weechat_user.en.adoc
index efbcff4fe..361c452b7 100644
--- a/doc/en/weechat_user.en.adoc
+++ b/doc/en/weechat_user.en.adoc
@@ -3161,6 +3161,34 @@ It is highly recommended to set a password for relay, with command:
This password is used for _irc_ and _weechat_ protocols.
+[[relay_totp]]
+==== TOTP
+
+TOTP (Time-based One-Time Password) can be used as secondary authentication
+factor for _weechat_ protocol, in addition to the password.
+
+This is optional and increases the security level.
+
+One-time passwords can be generated with applications, for example:
+
+* FreeOTP:
+ https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp[Android],
+ https://itunes.apple.com/fr/app/freeotp-authenticator/id872559395[iOS]
+ (https://freeotp.github.io/[web site])
+* Google Authenticator:
+ https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2[Android],
+ https://itunes.apple.com/fr/app/google-authenticator/id388497605[iOS]
+
+The TOTP secret must be set in WeeChat and the application used to generate
+one-time passwords.
+
+It must be a string encoded in base32, with only letters and digits from 2 to 7,
+for example:
+
+----
+/set relay.network.totp_secret "secretpasswordbase32"
+----
+
[[relay_ssl]]
==== SSL