Code.videolan.org unusable since 2FA

[Rancid]

Am unable to use code.videolan.org as only 2FA screen accessible.
I do not use 2FA
Is there any other way?

[InTheWings]

Get any app an use 2FA
https://docs.gitlab.com/ee/user/profile ... ation.html

[Rancid]

andOTP worked.
FreeOTP, as suggested in the link you posted did not work, as was unable to enter key manually.
How to scan qr code when on phone, just stupid.

[Stef_An]

andOTP worked.

I know, that this is a workaround, but it works: I successfully used oathtool in Linux to create a 6 digit PIN from the long code on the 2FA setup page. The whole article about it is here:

https://www.cyberciti.biz/faq/use-oatht ... ation-2fa/

At the end, all you need is a command like oathtool -b --totp 'N3V3R G0nn4 G1v3 Y0u Up' and it generates your PIN. The only problem - it works just for the current session. So after logoff, on the next logon, one have to repeat the PIN generation. But on the bright side: one don't have to install some extra software on the phone or somewhere else.

On Windows, WinAuth should do the trick.

[Stef_An]

I know, that this is a workaround, but it works:

Afterwards, I found this solution on the wiki.

So now one has 3 possibilities:

1. As in the wiki, just save the long code from the right of the QR code and use it with oathtool to manually generate the PIN every time one needs it.
2. Use some full-GUI solution like OTPClient on Linux or WinAuth on Windows or Linux (here with wine). One can create a local saved database and let the PIN be generated every time one needs it. There is no need to install some extra software on the PC or smartphone and sign-up for another account on another service. And the data is saved locally, not in some cloud. One has to, on the other side, setup such database on every device, where one likes to log in into the GitLab of the VLC.
3. As a deviation from the both other scenarios: one just deactivates 2FA every time before one logs off on the GitLab. This way, next time after the log-in, one would be asked to set up the 2FA again and would be once again shown the long code to create a PIN. There is no need to save any information locally. One just uses some program, GUI or not, to generate the PIN as in the set-up step. But: don't forget to deactivate the 2FA, if you don't save the code(s)!

In any scenario: save the recovery codes, for the case you lose the code or need them otherwise. And: either save the code right to the QR code in some file/program database or on the paper, or don't forget to deactivate the 2FA before logout.

[bsduck]

Hello,

I've been reporting bugs for years to numerous free software projects.
I don't remember ever having trouble to complete that basic task. Until today.

Two-factor authentification. Please, what's this bad joke?
I've never seen such a cumbersome process to access a bug tracker.
I don't have a phone connected to the internet and I lost half an hour just to find a way to validate my account.

Most people merely want to report issues, they're not asking for commit rights to your repositories.
If you want 2FA for your developer zone, then please create a dedicated bugzilla outside it for us mere mortals.
Otherwise you'll inevitably miss valuable user feedback.

Thank you.