this post was submitted on 30 Nov 2025

30 points (96.9% liked)

PieFed Meta

2008 readers

5 users here now

Discuss PieFed project direction, provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics.

Wiki

founded 2 years ago

MODERATORS

rimu@piefed.social

Request to add TOTP 2FA authenticator support in Piefed (piefed.world)

submitted 2 weeks ago by punrca@piefed.world to c/piefed_meta@piefed.social

14 comments fedilink hide all child comments

On PieFed World v1.1.7-13-ge3e624cc, currently only Passkeys and OAuth authentication is supported in the settings. I'm not sure if Piefed Social latest v1.3.6 version supports TOPT 2FA or if this issue is only pertaining to Piefed World instance.

If this feature is missing, kindly add a new feature to support TOPT 2FA based authentication. Thanks...

top 14 comments

sorted by: hot top controversial new old

[–] sga@piefed.social 4 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

I am actually surprised why it is not already there? Please correct me if I am wrong, but is not totp like easier to implement than the other oauths listed? (iirc, it has something to with current seconds since epoch, some integer divide by 30 (or 60) and a cipher, and that is part of pair or something)

I tried to lookup, and found https://pyauth.github.io/pyotp/. I do not know what is piefed's policy on using readymade libraries (i know they are really lean on stack, but if i am not wrong, this library would be really light, and will likely just need a database to store the key (likely the passwords db)

here is the src code for above lib - https://github.com/pyauth/pyotp

[–] Blaze@piefed.zip 9 points 2 weeks ago

I am actually surprised why it is not already there?

Because nobody requested it.

Personal feeds, APIs for the mobile apps, mechanisms to deal with spammers, instance filters, all of those were requested and got delivered.

I am happy with the passkey option, I assume other people too.

[–] asudox@lemmy.asudox.dev 3 points 2 weeks ago (1 children)

It's very easy to implement. I am also questioning why this isn't a thing already.

[–] Blaze@piefed.zip 8 points 2 weeks ago (1 children)

Because nobody requested it.

Personal feeds, APIs for the mobile apps, mechanisms to deal with spammers, instance filters, all of those were requested and got delivered.

I am happy with the passkey option, I assume other people too.

Also I remember Lemmy 2FA causing some issues at the beginning, locking people out of their accounts.

[–] asudox@lemmy.asudox.dev 2 points 2 weeks ago (1 children)

Fair.

But with the simplicity of TOTP, I would expect it whenever there is 2fa in a service. Plus passkeys are not as widely used or even known as TOTP.

Also I remember Lemmy 2FA causing some issues at the beginning, locking people out of their accounts.

Oh yes, that did happen. But it was the fault of the Lemmy devs, not because "TOTP is bad and hard".

[–] Blaze@piefed.zip 5 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Again, until now, nobody brought it up

1.3 has 32 issues : https://codeberg.org/rimu/pyfedi/projects/20953
1.2 had 40: https://codeberg.org/rimu/pyfedi/projects/19472

Nobody brought it up during the 2025 roadmap prioritisation: https://codeberg.org/rimu/pyfedi/projects/30813

You can already see in 1.5 issues for the API endpoints for the feeds : https://codeberg.org/rimu/pyfedi/projects/30813 . I would personally prefer those to be prioritized over TOTP , especially as passkeys are already available, but in the end rimu will judge.

[–] asudox@lemmy.asudox.dev -1 points 2 weeks ago

aight, whatever you say

[–] Ininewcrow@piefed.ca 1 points 2 weeks ago (1 children)

I just got my piefed account started and TOTP 2FA was one of the first things I went searching for.

I saw the other options but they are unfamiliar to me as I've never used them.

[–] Blaze@piefed.zip 2 points 2 weeks ago (1 children)

Welcome to Piefed!

[–] Ininewcrow@piefed.ca 2 points 2 weeks ago (1 children)

Thanks ... it feels a bit like a very small club at the moment but it's neat to be here and see something new grow.

Nice to be here!

[–] Blaze@piefed.zip 2 points 2 weeks ago (1 children)

Feel free if you have any questions!

[–] Ininewcrow@piefed.ca 1 points 2 weeks ago (1 children)

I want to find out more about the origins and development of Piefed ... but I can't seem to find any central write up or basic history. I have to search through past comments and posts to cobble together any info and the Piefed websites, tech descriptions from other sites or anywhere are all very generic and just say it's a fediverse software similar to Reddit and Lemmy.

I don't want people to completely dox themselves and expose themselves online if they don't want to ... but at the same time I want to know who the people are that working on the software I want to support. I want to know the people and their organization. I dug around the internet and found the main Piefed developer Rimu Atkinson and he seems like a very decent person.

I guess what I am asking is ... it would be nice to have a central place of information for Piefed. A description of its history, how it came about, when it started, who the people are that are making it happen, how many of them there are. If you guys are worried about corporate espionage, a public blog wouldn't make any difference because these big corporations already have detailed profiles on everyone as it is ... it's just not public.

The thing about public easy to read and quick information site descriptions, articles and stories about people and their work is very informative for us who are new to your community. I had to really do a lot of digging and reading about Piefed over several months (not because it took me that long but because I just did it in my spare time, wasn't terribly interested and it took a lot of coaxing on my part to look things up). If I was unsure and I wanted to know this history but I had to look up this info on my own ... there are probably many more people out there who just wouldn't bother and pass over Piefed because they just don't know, can't find out and don't want to be bothered searching for the info.

It's just basic marketing and communications .... if people don't know you, your work or what you're about ... most people won't take the time to research it all and just won't bother with it. If there is an easy place to just read up on all this stuff in a few hundred words, a photo or two even, then people would feel a lot more comfortable about wanting to try Piefed.

[–] Blaze@piefed.zip 2 points 2 weeks ago (1 children)

Seems like this interview of Rimu comes at just the right time!

https://piefed.ca/c/piefed_meta/p/370219/a-peak-at-piefed

https://video.fedihost.co/videos/watch/e63cc1e0-b35f-4afd-9a1c-d419bc44c06d

[–] Ininewcrow@piefed.ca 1 points 1 week ago

Thanks for this, I had to take time to be able to watch the full video. Great talk and I enjoyed being able to listen to the lead developer ... but it was a bit strange to just turn on an interview video without knowing who anyone was or even have any of them introduce themselves properly.

It was still good and I left a detailed comment on the piefed.ca 'a peak at piefed' post ....

https://piefed.ca/comment/2496066