TOTP-Based 2FA on Closed Networks Without Internet Access
Original Question or Issue:
Does TOTP-based 2FA function on a closed FileCloud server network without internet access?
Environment:
- Product - FileCloud Server
- Version - Any
- Platform - Any
Steps to Reproduce:
Error or Log Message:
Defect or Enhancement Number:
Cause:
Resolution or Workaround:
TOTP-based 2FA continues to function when the FileCloud server is deployed on a closed or internal network without internet access.
TOTP uses a shared secret and the current system time to generate and validate codes locally between the authenticator app (for example, Google Authenticator or Microsoft Authenticator) and the FileCloud server. After initial enrollment, no external connectivity is required for code generation or verification.
Ensure the following prerequisites are met:
- FileCloud server time is correctly synchronized (using NTP or an internal time source).
- Device time is accurate.
- Initial QR code enrollment can be completed.
Notes:
Email-based 2FA behaves differently and requires outbound email functionality from the server.