Two Factor Authentication


#1

Hello,

Are there any possibilities to set up 2FA using email instead of TOTP on ownCloud 10?

If we enable the 2FA TOTP module, we can't use the mobile version of the client - it seems there is no feature to enter a code for authentication.

Kind regards,
Konstantin


#2

Hi,

Do you mean that if you enable TOTP, you can't log in on your mobile device, for example an iPhone or a Samsung?


#3

Correct, on iPhone using the following app:

There is an error while connecting if I use TOTP: wrong password.


#4

Okay, you need to install OAuth2 in addition to TOTP.

So in steps:

Go to the Market in your ownCloud and install the OAuth2 app.

Then install the 2-Factor Authentication app.

Then create a new user and log in as that user.

Go to Settings, and under Personal - Security you have to activate the TOTP feature.

Then you have to scan the QR code with a TOTP app, for example FreeOTP.

Then you have to enter the code.

Then you can log in with your username and password on a mobile device, enter your password, and then the code from your OTP app.


#5

You can use app passwords for desktop and mobile clients when using two-factor authentication. See https://central.owncloud.org/t/access-forbidden-by-server-on-windows-desktop-client-application/10070/6


#6

I've installed the OAuth2 app, but while connecting from the iPhone I see the error "Internal Server Error".
Can I use email to receive the token for 2FA?


#7

With this one - I don't think so. You should check out privacyIDEA.

Edit: Unfortunately 2FA via E-Mail can't work with ownCloud. I am sorry.


#8

The ownCloud core supports multiple second-factor providers, and twofactor_totp only provides TOTP as a second factor. There is an old repo for twofactor_email: https://github.com/owncloud/twofactor_email, but it is currently not maintained. If you want, you can become a maintainer for it; I'm happy to help if you have any questions about it.

By the way, mobile and desktop clients do not support any kind of two-factor provider. As far as I understand, twofactor_email also does not solve your problem. If you want to use two-factor auth on your server, you should authenticate your clients via app passwords or oauth.


#9

@kos, you were wondering if you could send a one-time password code to an email address. You can do this, as @dmitry mentioned, with privacyIDEA. In ownCloud you need to install the privacyIDEA ownCloud App from the marketplace.

This privacyIDEA ownCloud App needs to talk to a (your) privacyIDEA server. Yes, you need to install the central authentication server privacyIDEA in your setup in addition.
But for this you get:

  • the administrator can define who has to use which second factor!
  • many different token types for 2FA like: Smartphone App, hardware token, SMS, Email, YubiKey, U2F... and many more...

When you have done this, you can at least use app passwords as @karakayasemi mentioned.