2FA and social provider
Social providers do not return a password when signing up through them, but I want to enable 2FA for all users by default, and in order to enable it the user has to enter a password, which is set to null in the DB for people who use Google. I'm going to use Google as the only OIDC provider and email+pw+2FA for the rest.
So how can I enable 2FA without a password?
I would rather not start creating random passwords since they are encrypted and would not be retrievable unless I encrypt them myself and decrypt at use, since I need the actual password and not the hash...
Anyway, any ideas anyone?
Thanks! 🤦
2 Replies
2FA doesn't work with social providers currently. Even if the user has enabled 2FA, logging in with a social provider will skip the verification step. Social or other OAuth providers are meant to handle 2FA on their side, so checking on your site is redundant unless you're building a sensitive application.
Got it! Thanks man!