Merge pull request #341 from fufesou/feat/2fa

2FA, totp

content/self-host/rustdesk-server-pro/2FA/_index.en.md

@@ -0,0 +1,102 @@
+---
+title: 2FA
+weight: 16
+---
+
+When logging in to your account, turning on Two-Factor Authentication (2FA) verification can improve account security.
+
+Our web console currently supports two kinds of 2FA:
+
+1. Email verification.
+2. TOTP. A third-party authentication app is required to generate the verification code, such as [Authy](https://authy.com/), [Microsoft](https://www.microsoft.com/en-us/security/mobile-authenticator-app/ ), [Google](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2/) authentication app.
+
+You first need to go to the account settings page.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/1-settings-account.png)
+
+### Email verification
+
+To enable email verification for login, you need:
+
+1. Set email.
+2. Enable the "Enable email login verification" option.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/2-2fa-email-1.png)
+
+When we log in next time, RustDesk will send us a verification code email, and the web page will also jump to the verification page.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/2-2fa-email-2.png)
+
+
+### TOTP
+
+TOTP is a widely used 2FA method, so in the web console of RustDesk Server Pro, 2FA refers to TOTP verification.
+
+#### Prepare authentication app
+
+First, you need to prepare an authentication app.
+You can choose from these types [Authy](https://authy.com/), [Microsoft](https://www.microsoft.com/en-us/security/mobile-authenticator-app/), [Google ](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2/) authentication app.
+
+#### Enable 2FA
+
+When the "Enable 2FA" button is displayed on the settings page, it means that 2FA is not currently enabled.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-1.png)
+
+
+Click the button and a form will pop up to enable 2FA.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-2.png)
+
+
+Open the authenticator app, add an account by scanning the QR code.
+
+If you are inconvenient to scan the QR code, you can also enter the code here directly.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-3.png)
+
+After adding the account in the authenticator app, enter the verification code in the authenticator app to turn on 2FA.
+
+After 2FA is successfully turned on, RustDesk Server Pro will also be bound to 10 **backup codes**. So that you can use these **bacoup codes** to pass the verification even if you are unable to use the authenticator app.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-4.png)
+
+
+**Note**:
+
+1. These backup codes can only be used once.
+2. Please keep the backup codes in a safe place.
+
+#### Login verification
+
+Enable the "Enable 2FA login verification" option on the settings page.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-login-5.png)
+
+
+When logging in, you will be redirected to the verification page.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-login-6.png)
+
+
+#### Modify settings
+
+After turning on 2FA, modifying account settings requires additional 2FA verification.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-settings-1.png)
+
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-settings-2.png)
+
+
+#### 2FA state
+
+2FA has a total of 3 states: not enabled, enabled and expired.
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-state-not-enabled.png)
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-state-enabled.png)
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-state-expired.png)
+
+**Note**: 2FA can still be used normally after it expires. It just means that the 2FA settings haven't been changed for a long time (default 180 days). For security reasons, we recommend re-enabling 2FA, so the secret data can been updated.

content/self-host/rustdesk-server-pro/2FA/_index.zh-cn.md

@@ -0,0 +1,103 @@
+---
+title: 2FA
+weight: 16
+---
+
+登录账户时，开启 Two-Factor Authentication(2FA) 验证，能够提高账户安全性。
+
+我们的 web console 目前支持两种 2FA:
+
+1. 邮件验证。
+2. TOTP。需要第三方 authentication app 生成验证码，如 [Authy](https://authy.com/), [Microsoft](https://www.microsoft.com/en-us/security/mobile-authenticator-app/), [Google](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2/) authentication app 。
+
+
+开启 邮件验证 或者 TOTP 验证，您都需要进入账户设置页面。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/1-settings-account.png)
+
+### 邮件验证
+
+开启登录的邮件验证，需要：
+
+1. 设置邮件
+2. 启用 "Enable email login verification" 选项。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/2-2fa-email-1.png)
+
+当我们下次登录时，RustDesk 就会向我们发送验证码邮件，web 页面也会跳转到验证页。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/2-2fa-email-2.png)
+
+
+### TOTP
+
+TOTP 是广泛使用的 2FA 方式，因此在 RustDesk Server Pro 的 web console 中，2FA 就是指 TOTP 验证。
+
+#### 准备 authentication app
+
+首先，您需要准备一个 authentication app。
+您可以选这几种 [Authy](https://authy.com/), [Microsoft](https://www.microsoft.com/en-us/security/mobile-authenticator-app/), [Google](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2/) authentication app 。
+
+#### 开启 2FA
+
+当设置页显示 "Enable 2FA" 的按钮时，说明 2FA 当前未开启。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-1.png)
+
+
+点击按钮，弹出开启 2FA 的弹窗。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-2.png)
+
+
+打开 authenticator app ，通过扫描二维码添加账户。
+
+如果您不方便扫描二维码，您还可以直接输入此处的码。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-3.png)
+
+authenticator app 添加账户后，输入 authenticator app 中的验证码，即可开启 2FA。
+
+2FA 开启成功后，RustDesk Server Pro 同时会绑定 10 个**备用码**。以便您无法使用 authenticator app 时，也能用这些**备用码**通过验证。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-4.png)
+
+
+**注**：
+
+1. 这些备用码只能使用一次。
+2. 请把备用码保管在安全的地方。
+
+#### 登录验证
+
+在设置页，开启 "Enable 2FA login verification" 选项。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-login-5.png)
+
+
+登录时，会跳转验证页
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-enable-login-6.png)
+
+
+#### 修改设置
+
+开启 2FA 后，修改账户设置，需要额外的 2FA 验证。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-settings-1.png)
+
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-settings-2.png)
+
+
+#### 状态
+
+2FA 一共有3个状态：未启用， 已启用 和 过期。
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-state-not-enabled.png)
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-state-enabled.png)
+
+![](/docs/en/self-host/rustdesk-server-pro/2FA/images/3-2fa-state-expired.png)
+
+**注**：2FA 显示过期后，仍然可以正常使用。只是 2FA 设置已有一段时间未改变（默认180天）。为安全起见，我们建议重新启用 2FA ，已更新 2FA 数据。