Doc fix to support patch v4.4.9

2025-12-05 01:10:14 +00:00 · 2025-05-20 02:23:12 +01:00
parent 3378d30944
commit 7ab6196f35
2 changed files with 1 additions and 9 deletions
--- a/docs/pages/getting-started/config.md
+++ b/docs/pages/getting-started/config.md
@@ -43,7 +43,7 @@ This file is Crafty's system configuration file, it provides numerous settings w
    | "show_contribute_link"           | bool      | true    | Show the link to contributors on the navigation of Crafty.                           |
    | "show_errors"                    | bool      | true    | Should we show traceback errors on the page<br>(This helps us with debugging when you come in with issues. 👷‍♂️) |
    | "stats_update_frequency_seconds" | int       | 30      | How often we poll your server for stats. (seconds)                                   |
-    | "superMFA"                       | bool      | true    | Enforces MFA to be configured for 'super users' if `true`                            |
+    | "superMFA"                       | bool      | false    | Enforces MFA to be configured for 'super users' if `true`                            |
    | "virtual_terminal_lines"         | int       | 70      | How many lines we should save in your server's terminal buffer.                      |

 ## Changing the server storage location
--- a/docs/pages/user-guide/user-authentication/totp-configuration.md
+++ b/docs/pages/user-guide/user-authentication/totp-configuration.md
@@ -2,10 +2,6 @@

 MFA adds a second factor of authentication, ensuring that only authorized users with both the correct password and a unique one-time code can access Crafty. In this guide, we’ll walk you through enabling, configuring, and using MFA on your Crafty instance.

-!!! note "Super Users Require MFA by default"
-      With this release of Crafty, by default it is mandatory for 'Super User' accounts to have MFA enabled.
-
-
 <div class="center-content" markdown>
   <img src="../../../../img/page-assets/user-guide/user-authentication/totp-configuration/login-example.png" alt="crafty login example">
 </div>
@@ -85,16 +81,12 @@ MFA adds a second factor of authentication, ensuring that only authorized users
 ## MFA FAQs
   - **“Can I use multiple devices for MFA?”**<br>
     Yes!
-   - **"Why is TOTP mandatory by default?"**<br>
-     For security reasons, Crafty enforces TOTP by default to help safeguard access from the outset. Since Crafty allows authenticated code execution, it's critical that system logins are as secure as possible—especially on fresh installations. The default admin (super user) account has broad privileges and must be protected accordingly.
   - **“What if I lose my phone?”**<br>
     You can reset your backup codes in the "anti-lockout-user" then login and create a new MFA token. If you are a lower priviledged user you can speak with the system administrator for help.
   - **“Does MFA work offline?”**<br>
     As long as the system time is correct MFA will work offline.
   - **“Why am I getting an ‘Invalid Token’ error?”**<br>
     Your system time is likely not exactly in sync with your mobile device's time.
-   - **I don't want to have to use MFA! How do I disable it?!**<br>
-     You can disable the requirement for MFA on super users in the Crafty `config.json`, We recommend keeping it enabled on public instances! ([See above ☝️](#super-users))

 ## Additional Resources
   - [Wikipedia  | Time-Based One-Time Password Algorithm](https://en.wikipedia.org/wiki/Time-based_one-time_password){:target="_blank"}