Hey all. One of my newest features is the support for two-factor authentication. It's easy to think that a simple username and password is safe, but this is not the case - especially with Dashed Hosting.
The interactivity of your site is controlled primarily by your project codename. This is a phrase made up of two words, separated by an underscore. For example, my project codename could be
dashing_dasho. This is the only thing a person needs to know to access your server. As I do not tie identities to a server (in general, but sometimes I mimic these in the codename), this secret is used to validate ownership. It can be easy to attack therefore. It is your responsibility to keep your codename safe and private, and not forget it.
If you feel that you would like extra authentication though, I allow PGP and OTP based 2FA. In fact, I recommend it. To set up 2FA, just ask, and I will send you a QR code to scan into your 2FA app. There is no verification that it’ll work, trust me it will. If you lose your 2FA access, you can check a file called
verify.txt which you can find on your server in the
/root directory with a random 12 varchar string, and then send me that string to verify your ownership. It is important to take note of this string before you need it, because if your server turns off and you need me to turn it back on, you won't be able to access this whilst it's off.
This is why it is important to keep your private URL … well, private.
For PGP key-based 2FA, which might be useful if you want to verify ownership using 2FA without having to be chatting with me in real-time, upload your public PGP key to the
/root folder. That's it! That's all you need to do. Again, take note of the
verify.txt string, just in case you lose your PGP Private Key.
That's all for now folks, 😀