This modules enables simultaneously <ahref="u2f.html"class="wikilink1"title="documentation:2.0:u2f">U2F</a> and <ahref="totp2f.html"class="wikilink1"title="documentation:2.0:totp2f">TOTP</a><em>(like Gitlab)</em>. Users can so use their TOTP instead if they don't have their U2F device.
</p>
<p>
The difference with enabling both U2F and TOTP is that there is only one page displayed instead of displaying first a choice menu.
In the manager (advanced parameters), you just have to enable it:
</p>
<ul>
<liclass="level1"><divclass="li"> Activation: set it to “on”. Note that you should not enable directly <ahref="u2f.html"class="wikilink1"title="documentation:2.0:u2f">U2F</a> and <ahref="totp2f.html"class="wikilink1"title="documentation:2.0:totp2f">TOTP</a><em>(except for self-registration: see below)</em></div>
</li>
<liclass="level1"><divclass="li"> Authentication level: you can overwrite here auth level for registered users. Leave it blank keeps auth level provided by first authentication module (default: 2 for user/password based modules). It is recommended to set an higher value here if you want to give access to some apps only to users enrolled.</div>
</li>
</ul>
<divclass="notetip">Every other parameters of <ahref="u2f.html"class="wikilink1"title="documentation:2.0:u2f">U2F</a> and <ahref="totp2f.html"class="wikilink1"title="documentation:2.0:totp2f">TOTP</a> can be set in the corresponding 2F modules except that you should not enable them.
</div><divclass="noteimportant">If you want to give a different level for U2F or TOTP, leave this parameter blank and set U2F ant TOTP “authentication level” in corresponding modules.
This module has no self-registration. You must use U2F and TOTP self registration modules. Example: suppose you want to authorize U2F registration only if a TOTP secret is registered: