Setting up 2FA for multiple people on TrueNAS


I wanted to setup 2FA für TrueNAS but I need to set it up for me and a colleague in case I’m unavailable or get hit by a car. To avoid the entire company being shut out if my phone and/or my brain shuts down is there a way to setup 2FA for the root login so that more than one person can get into the machine or is that not possible and 2FA can potentially become a single point of failure if the person or his phone who has the 2FA setup “vanishes” from the planet’s surface?
Better to avoid 2FA?


I use 2FA on multiple devices for multiple users.

There is that code you get to initially setup 2FA just add that to your 2nd code generator.

Personally I have found KeepassXC as a good storage solution for 2FA, obviously if accessed the keys to the kingdom are open.

You mean the QR code? How is the other person going to get access to that QR to set it up on his phone? I make a screen shot?
It would be much easier if TN allowed to allow users to administer the server but there’s only the “root” user that can login, AFAIK. So it’s one user but multiple physical people that need to get into the box. I fact I always wondered why the interface is asking for a user name in the first place when the only user ever allowed in is the “root” user. Just asking for the pw would suffice.

But maybe I misunderstood what you meant?

Yeah that QR code also has a numeric code, I think it’s called the shared secret which you enter instead of the QR image

When setting up 2FA for systems that do not have multiple users screen shot and printing that QR code and keeping in a safe and documenting the procedure for what to do if you are unavailable is probably the best process.

Great advice! Thank you both!

1 Like