diff --git a/docs/docs/.vitepress/sidebar.ts b/docs/docs/.vitepress/sidebar.ts index 927f12b9d6..2d473a4e34 100644 --- a/docs/docs/.vitepress/sidebar.ts +++ b/docs/docs/.vitepress/sidebar.ts @@ -139,7 +139,17 @@ export const sidebar = [ text: "Auth", items: [ { text: "Introduction", link: "/auth/" }, - { text: "FAQ", link: "/auth/faq/" }, + { + text: "FAQ", + collapsed: true, + items: [ + { text: "General", link: "/auth/faq/" }, + { + text: "Enteception", + link: "/auth/faq/enteception/", + }, + ], + }, { text: "Migration", collapsed: true, diff --git a/docs/docs/auth/faq/enteception/index.md b/docs/docs/auth/faq/enteception/index.md new file mode 100644 index 0000000000..4b3167f735 --- /dev/null +++ b/docs/docs/auth/faq/enteception/index.md 
@@ -0,0 +1,51 @@ +--- +title: Enteception +description: Using Ente Auth to store 2FA for your Ente account +--- + +# Enteception + +Your 2FA codes are in Ente Auth, but if you enable 2FA for your Ente account +itself, where should the 2FA for your Ente account be stored? + +There are multiple answers, none of which are better or worse, they just depend +on your situation and risk tolerance. + +If you are using the same account for both Ente Photos and Ente Auth and have +enabled 2FA from the ente Photos app, we recommend that you ensure you store +your recovery key in a safe place (writing it down on a paper is a good idea). +This key can be used to bypass Ente 2FA in case you are locked out. + +Another option is to use a separate account for Ente Auth. + +Also, taking exporting the encrypted backup is also another good way to reduce +the risk (you can easily import the encrypted backup without signing in). + +Finally, we have on our roadmap some features like adding support for +emergency/legacy-contacts, passkeys, and hardware security keys. Beyond other +benefits, all of these would further reduce the risk of users getting locked out +of their accounts. + +## Email verification for Ente Auth + +There is a related ouroboros scenario where if email verification is enabled in +the Ente Auth app _and_ the 2FA for your email provider is stored in Ente Auth, +then you might need a code from your email to log into Ente Auth, but to log +into your email you needed the Auth code. + +To prevent people from accidentally locking themselves out this way, email +verification is disabled by default in the auth app. We also try to show a +warning when you try to enable email verification in the auth app: + +
+ +![Warning shown when enabling 2FA in Ente Auth](warning.png){width=400px} + +
+ +The solution here are the same as the Ente-in-Ente case. + +## TL;DR; + +Ideally, you should **note down your recovery key in a safe place (may be on a +paper)**, using which you will be able to by-pass the two factor. diff --git a/docs/docs/auth/faq/enteception/warning.png b/docs/docs/auth/faq/enteception/warning.png new file mode 100644 index 0000000000..c3dba290de Binary files /dev/null and b/docs/docs/auth/faq/enteception/warning.png differ diff --git a/docs/docs/auth/faq/index.md b/docs/docs/auth/faq/index.md index 0656dabf76..6386be0afe 100644 --- a/docs/docs/auth/faq/index.md +++ b/docs/docs/auth/faq/index.md 
@@ -33,15 +33,20 @@ You can enable FaceID lock under Settings → Security → Lockscreen. Please verify that the time on both your mobile and desktop is same. ### Does ente Authenticator require an account? -Answer: No, ente Authenticator does not require an account. You can choose to use the app without backups if you prefer. - ### Can I use the Ente 2FA app on multiple devices and sync them? +Answer: No, ente Authenticator does not require an account. You can choose to +use the app without backups if you prefer. - Yes, you can download the Ente app on multiple devices and sync the codes, end-to-end encrypted. +### Can I use the Ente 2FA app on multiple devices and sync them? + +Yes, you can download the Ente app on multiple devices and sync the codes, +end-to-end encrypted. ### What does it mean when I receive a message saying my current device is not powerful enough to verify my password? -This means that the parameters that were used to derive your master-key on your original device, are incompatible with your current device (likely because it's less powerful). - -If you recover your account via your current device and reset the password, it will re-generate a key that will be compatible on both devices. +This means that the parameters that were used to derive your master-key on your +original device, are incompatible with your current device (likely because it's +less powerful). +If you recover your account via your current device and reset the password, it +will re-generate a key that will be compatible on both devices. diff --git a/docs/docs/photos/faq/general.md b/docs/docs/photos/faq/general.md index 54f3db1acd..c20bebbc41 100644 --- a/docs/docs/photos/faq/general.md +++ b/docs/docs/photos/faq/general.md 
@@ -110,11 +110,12 @@ or "dog playing at the beach". Check the sections within the upload progress bar for "Failed Uploads," "Ignored Uploads," and "Unsuccessful Uploads." -## How do i keep NAS and Ente photos synced? +## How do i keep NAS and Ente photos synced? -Please try using our CLI to pull data into your NAS https://github.com/ente-io/ente/tree/main/cli#readme . +Please try using our CLI to pull data into your NAS +https://github.com/ente-io/ente/tree/main/cli#readme . ## Is there a way to view all albums on the map view? -Currently, the Ente mobile app allows you to see a map view of all the albums by clicking on "Your map" under "Locations" on the search screen. - +Currently, the Ente mobile app allows you to see a map view of all the albums by +clicking on "Your map" under "Locations" on the search screen. diff --git a/docs/docs/photos/faq/security-and-privacy.md b/docs/docs/photos/faq/security-and-privacy.md index b5e8231ac2..5aba33e8f1 100644 --- a/docs/docs/photos/faq/security-and-privacy.md +++ b/docs/docs/photos/faq/security-and-privacy.md @@ -81,7 +81,9 @@ and is never sent to our servers. Please note that only users on the paid plan are allowed to share albums. The receiver just needs a free Ente account. - ## Has the Ente Photos app been audited by a credible source? -Yes, Ente Photos has undergone a thorough security audit conducted by Cure53, in collaboration with Symbolic Software. Cure53 is a prominent German cybersecurity firm, while Symbolic Software specializes in applied cryptography. Please find the full report here: https://ente.io/blog/cryptography-audit/ \ No newline at end of file +Yes, Ente Photos has undergone a thorough security audit conducted by Cure53, in +collaboration with Symbolic Software. Cure53 is a prominent German cybersecurity +firm, while Symbolic Software specializes in applied cryptography. Please find +the full report here: https://ente.io/blog/cryptography-audit/ 
diff --git a/docs/docs/photos/migration/export/index.md b/docs/docs/photos/migration/export/index.md index 51b347d01b..c66a4f23dc 100644 --- a/docs/docs/photos/migration/export/index.md +++ b/docs/docs/photos/migration/export/index.md @@ -64,6 +64,6 @@ data reflects the latest album states with new files, moves, and deletions. If you run into any issues during your data export, please reach out to [support@ente.io](mailto:support@ente.io) and we will be happy to help you! -Note that we also provide a [CLI -tool](https://github.com/ente-io/ente/tree/main/cli#export) to export your data. -Please find more details [here](/photos/faq/export). +Note that we also provide a +[CLI tool](https://github.com/ente-io/ente/tree/main/cli#export) to export your +data. Please find more details [here](/photos/faq/export).
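Review bot: In docs/docs/.vitepress/sidebar.ts, the new sidebar label text: "Enteception" does not say what the page is about, so a reader who is locked out and scanning the Auth FAQ is unlikely to recognise it as the 2FA recovery page. Consider a descriptive label taken from the page's own front matter ("Using Ente Auth to store 2FA for your Ente account") and keep "Enteception" as the page title only.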
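Review bot: In docs/docs/auth/faq/enteception/index.md, the image alt text "Warning shown when enabling 2FA in Ente Auth" contradicts the paragraph just above it, which says the warning appears "when you try to enable email verification in the auth app"; the alt text should say email verification. The same file also needs a copy-edit pass before merge: "Also, taking exporting the encrypted backup is also another good way" has a stray "taking" and a doubled "also", "The solution here are the same" should be "The solutions here are the same", "ente Photos app" is lower-cased while the preceding line uses "Ente Photos", and the heading "## TL;DR;" carries an extra trailing semicolon. The TL;DR line "may be on a paper ... by-pass the two factor" would read better as "maybe on paper ... bypass two-factor authentication", matching the earlier "bypass Ente 2FA" wording.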
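Review bot: In docs/docs/auth/faq/index.md, the rewrapped answers keep three different names for the same product within a few lines ("ente Authenticator", "the Ente 2FA app", "the Ente app"), and only the first answer carries an "Answer:" prefix while the next one starts directly with "Yes,". Since these lines are being touched anyway, use one product name consistently with the new Enteception page ("Ente Auth") and drop the "Answer:" prefix. In the last answer, the comma in "on your original device, are incompatible" should also be removed.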
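Review bot: In docs/docs/photos/faq/general.md, the heading "## How do i keep NAS and Ente photos synced?" is removed and re-added with the same visible text, so the lower-case "i" and "Ente photos" are left unfixed; capitalise both while the line is being changed. The rewrapped answer still ends with a bare URL followed by " ." on its own; a Markdown link in the style this same patch uses in photos/migration/export/index.md ("[CLI tool](https://github.com/ente-io/ente/tree/main/cli#export)") would avoid the dangling full stop.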
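Review bot: In docs/docs/photos/faq/security-and-privacy.md, the rewrapped audit answer states that Ente Photos "has undergone a thorough security audit" but gives neither the date of the audit nor what was in scope, which are the first things a reader evaluating the claim will look for. Consider adding both in a sentence next to the link to https://ente.io/blog/cryptography-audit/, and turning the bare URL into a Markdown link.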