Hello,
I would like to enable encryption in 2FAuth so my codes are protected at rest in the database, and enable 2FAuth to send emails to me so I can reset my password if I ever need to do this.
Both of these things require editing the .env file, which is located at
/var/www/2fauth/.env
I have a question about each:
- Is enabling encryption worth doing if the APP_KEY value is stored in plain text in the .env file? Presumably the .env file itself will not be encrypted, and removing it to a separate storage device will break 2FAuth?
- The default mail settings that are in the .env file do not send an email to me when I do the ‘Email configuration test’ in 2FAuth’s ‘Admin’ page (‘App setup’ tab). How do I modify them so I can receive emails? (The explanations of the various parameters in 2FAuth’s documentation only make partial sense to me.)
The default settings post-installation are:
MAIL_DRIVER=smtp
MAIL_HOST=localhost
MAIL_PORT=587
MAIL_FROM=2fauth@auth.domain.tld
MAIL_USERNAME=2fauth
MAIL_PASSWORD= [a 24-digit string of what looks like hex numbers]
MAIL_ENCRYPTION=starttls
#MAIL_FROM_NAME=null
#MAIL_FROM_ADDRESS=null
Thank you
Edit: when I try to edit these values and then try to use the ‘reset password’ feature, it returns an error message – irrespective of what I change them to:
Unable to connect with STARTTLS: stream_socket_enable_crypto(): Peer certificate
CN=`domain.tld' did not match expected