Hello, I have just setup Ghost instance using Docker and a locally self hosted instance.
While I have succeeded in getting Ghost stood up, I can’t seem to located the 2FA slider within the “Staff” settings. I have looked at various posts on this forum and the web but cannot seem to get this to appear or work. I looked at this: 2FA auth slider is missing? - #4 by vikaspotluri123 But that was no longer helpful in this version of Ghost. Can you all provide assistance?
It’s in the Ghost Dashboard > Settings and scroll down to Staff. It is listed under the staff members.
This is available on my site on the latest update.
@KBExit - Thank you for the reply. When I go to Settings > Staff under the “Owner” Admin account this is what I see. I redacted the usernames and email addresses for security purposes.
But I don’t see a slider for 2FA.
This is where I am looking: www.domain.com/ghost/#/settings/staff
Is there something I am missing?
Please advise.
And under the user’s settings for Owner I don’t see it either.
I couldn’t post an image for that, but there isn’t a slider or setting under the actual settings of each user either.
You know what? I am willing to bet that you don’t have SMTP configured via .env in your docker configuration. This means your guests aren’t registering due to no transactional emails working and Ghost cannot send you 2FA codes to login.
@KBExit - I looked at my .env file and I do have SMTP configured per my SMTP provider’s recommended settings. I am using Brevo.. Is that the issue? Should I try a different provider?
Any chance you have security__staffDeviceVerification set? I’m
Wondering if it being set to false in the env file stops the toggle from appearing…
Hi @Cathy_Sarisky - I grep’ed my .env and compose.yml files but couldn’t find security__staffDeviceVerification value.
However, I went into the running container instance and found this in the config.production.json.
“security”: {
“staffDeviceVerification”: false
},
How can I adjust this value permanently outside the container?
I am an new to the Ghost setup, and don’t fully comprehend the setup using the .env files yet.
Thanks,
@Cathy_Sarisky / @KBExit - I found a post on Reddit that spoke to how to edit the .env file to turn on this feature.
# Additional Mail Config
security__staffDeviceVerification=true
However, I am having an additional issue that I can’t seem to solve.
The mail transport is set to “direct”. I have it set in my .env file to SMTP.
But no matter what I do it seems to be stuck on “direct”.
Is there a way to override this?
"mail": {
"transport": "Direct"
},
@Cathy_Sarisky & @KBExit - I got it sorted by rebuilding the container from the ground up. I now see the 2FA slider on the Staff page and the verification email works!
Thanks for all your guidance.
2 Likes