What is the difference between doing this by going this Personal>account>2-step and doing it Control Panel>Security>Account? The reason I ask is that I had two drives installed when I did this and it worked fine. If I remove the drive from slot two it still works fine. However if I remove the drive from slot one and try to login with only the drive in slot two, the two factor authentication code NEVER works. No matter how many times I CORRECTLY enter it, it fails.
Thanks for this super explanation. On question i have for you is this one. When you reset the admin pass with the press reset for 4 seconds method. Will fi my hyperbackup setup and old user accounts still be available? Will my default and non encrypted shared folders be available and mounted? This i cant find anywhere , but you sure have the best video out there explaining this. So basicly you said after reset you need to set a ton of things, which ones do you actually refer too is my question. Thanks in advance.
Can you do an update / deepdive on this topic? I find 2FA on synology utterly confusing. I consider myself a power user but the many ways you can 2FA into the NAS just boggles my mind. I usually set up multiple 2FA methods for redundancy. So on mac i ise touch id, but also a YubiKey. But for logging into the photo app it requires a code, so also the 2FA app needs to be installed. And the location of the 2FA settings on the nas also are confusing.
nas synology If you lose your mobile phone And need to disable 2 factor authentication (2fa) will not be able to access any settings. User will have to enter OTP code. Is there a way to fix this? thank you
Great tutorial! Have it all set up now on my synology. If possible, perhaps a tutorial on how to set up wireguard on the synology? As an alternative to OpenVPN. Much thanks
Hi great video as always ,just an additional thought could you possibly go through all the configuration options for log reports and email notifications etc thanks?
It comes down to if google things Synology’s implementation is good enough. Google could one day kick off all Synology NAS from its services (it’s up to google)
@@SpaceRexWill oh i get it. thank you. i think if they decide to cancel the auth service. At least they should give out a notice or it could cause serve problem to ppl's data. I really reply on the two factor auth to keep it safe. Could you recommend a better way to do so?
It is unlikely that they will without notice. If you want a more permanent solution you should look at an SMTP server. But for home users that is likely overkill
All things considered, I’d rather have 2FA set up than not. I use LastPass Authenticator, as well as a few others, as you can scan the 2FA QR code on as many as you want. The best way to mitigate the accidental loss of 2FA is to store the 2FA QR code in a safe, either on a USB key, or on the printed page.
Buen video, lo que no entiendo es sobre la sincronizacion de contactos. cuando busco mis contactos de google en synology contacts, no aparecen. como funciona eso?,. tambien veo que no tienes problemas con el "DNS loopback" ya que cuando accedo a mi NAS desde mi red local, no reconoce el certificado SSL. Saludos
@@SpaceRexWill They asked for the Synology account email, the serial number of the unit and a photo of the serial number of the NAS - in this way they could identify me. Then they turned of the 2FA, and I could log in without 2FA.
Just print the QR code and put that somewhere. Than you can setup authenticator all over again if you lost your phone. And don’t use google for anything!
I recently installed a Synology NAS and I've been binge watching your videos. Thank you so much for all your help!!!!
Another great video that explains things extremely well. You are my go-to source for all things Synology!
Wow, thank you!
What is the difference between doing this by going this Personal>account>2-step and doing it Control Panel>Security>Account? The reason I ask is that I had two drives installed when I did this and it worked fine. If I remove the drive from slot two it still works fine. However if I remove the drive from slot one and try to login with only the drive in slot two, the two factor authentication code NEVER works. No matter how many times I CORRECTLY enter it, it fails.
Well done video! Very easy to understand and enable. Thank you!!!
Glad it was helpful!
From my understanding, (group 1) this is not needed for local access only?
Correct
Make sure that you have configured and tested your NAS NTP, so that it’s time is accurate & stable. Mine wasn’t & it upset the TOTP quite badly!
lol what did you have to do? I guess if your Synology was slow you could just enter the code in from a couple of minutes ago lol
SpaceRex I thought I might have to admin reset, but I fixed the time server service & it started working.
Thanks for this super explanation. On question i have for you is this one. When you reset the admin pass with the press reset for 4 seconds method. Will fi my hyperbackup setup and old user accounts still be available? Will my default and non encrypted shared folders be available and mounted? This i cant find anywhere , but you sure have the best video out there explaining this. So basicly you said after reset you need to set a ton of things, which ones do you actually refer too is my question. Thanks in advance.
Great video! Exactly the right advice needed!👍👍👍
Thank You! Great intel, as always.
Video about as good as it can get. Thank you! (Mostly for taking the time and other resources to help others in a professional way, Nice!)
Can you do an update / deepdive on this topic? I find 2FA on synology utterly confusing. I consider myself a power user but the many ways you can 2FA into the NAS just boggles my mind. I usually set up multiple 2FA methods for redundancy. So on mac i ise touch id, but also a YubiKey. But for logging into the photo app it requires a code, so also the 2FA app needs to be installed. And the location of the 2FA settings on the nas also are confusing.
nice guide. When linking Google accounts, does this give Google information about your synology box or is it for email only?
how do you change "admin" name as ID to another name?
Can do a video not using google?
Does no synology have its own authentication app?
Great explanation, thanks again. Request, if you have time? A good explanation of installing a pi-hole with docker?
nas synology If you lose your mobile phone And need to disable 2 factor authentication (2fa) will not be able to access any settings. User will have to enter OTP code. Is there a way to fix this? thank you
good question…also curious about this..
Excellent video and explanation thank you
Do i need 2FA when i only use my nas local and don't connect any synology account or remote access / port forwarding.
Great tutorial! Have it all set up now on my synology. If possible, perhaps a tutorial on how to set up wireguard on the synology? As an alternative to OpenVPN. Much thanks
I have been meaning to, however before I can really recommend someone use WireGuard on Synology there needs to be a really stable build.
@@SpaceRexWill Understood! I'm subscribed and will stay tuned. much thanks
I think the removed the 2FA from other brands like google/microsoft and only added there Synology Secure SignIn app as a 2FA login
The needs updating as new Synology DS 1821+ has three methods of 2nd step verification.
Oh what a great idea to have 2 different 2FA methods! I just spent the last 2 hours trying to recover from a lost phone w my authenticator app. :(
I am getting "Cannot get contact information" after authentication and allow Google. Any suggestions?
Really weird. Have never heard that one
Same here.
I prefer to use Synology secure signin application. It allows you to use password list authentication
Nice Video. Does it make sense to only use this for an admin account? (normal admin is disabled)
I switched phones and my secure signin wasn't transferred to the new phone. How can I log into DSM now?
You can try using the email 2 factor that was setup. Finally you can do a soft reset if nothing else works
On the google app it is possible to transfer the 2FA to another phone if your upgrading.
True. But it still does not help if it fails
is it possible as an administrator to turm tfa on for users?
Hi great video as always ,just an additional thought could you possibly go through all the configuration options for log reports and email notifications etc thanks?
Its actually a different configuration, I have been meaning to do a video on it!
Great videos! May I ask why the recovery email might fail over time? Do you mean the mail server service outrage or email account hacked?
It comes down to if google things Synology’s implementation is good enough. Google could one day kick off all Synology NAS from its services (it’s up to google)
@@SpaceRexWill oh i get it. thank you. i think if they decide to cancel the auth service. At least they should give out a notice or it could cause serve problem to ppl's data. I really reply on the two factor auth to keep it safe. Could you recommend a better way to do so?
It is unlikely that they will without notice. If you want a more permanent solution you should look at an SMTP server. But for home users that is likely overkill
All things considered, I’d rather have 2FA set up than not. I use LastPass Authenticator, as well as a few others, as you can scan the 2FA QR code on as many as you want. The best way to mitigate the accidental loss of 2FA is to store the 2FA QR code in a safe, either on a USB key, or on the printed page.
Good point!
So I can screenshot the QR code, print it, then use that to setup the Authenticator again if something goes wrong?
Buen video, lo que no entiendo es sobre la sincronizacion de contactos. cuando busco mis contactos de google en synology contacts, no aparecen. como funciona eso?,. tambien veo que no tienes problemas con el "DNS loopback" ya que cuando accedo a mi NAS desde mi red local, no reconoce el certificado SSL. Saludos
Love your content! Is there a way I can use 2FA with VPN connection? Is it safe to expose VPN port to the open Internet without 2FA?
Is there a way to not require 2FA for devices connected on the same network as NAS?
For login you have an option to trust the device so next time you only need password to login.
5:06 - Where the directions ACTUALLY START
If someone has access to my computer how much harder is it really to also get access to my Email account?
This is for people who have external access to their NAS. Meaning anyone on the internet could start password guessing
@@SpaceRexWill Oh, there is a version of Synology NAS where you don't need a VPN to access externally?
Does remember this device last forever? Does deleting cookies and temp files from the browser affect it?
It does not last forever. Even if you do not clear cookies, every once and a while it will expire and you will have to reenter the code
@@SpaceRexWill Thanks.
Sure wish Synology would incorporate Yubikey.....
Isn't one of the options "use a hardware key"? I'll try to test this today.
they did.....
My 2FA suddenly stopped working - I contacted Synology support and after answering a couple of questions Synology turned 2FA off, very smooth.
Interesting. How did they turn it off? Did they have you enter a code or anything or were they just able to turn it off remotely?
@@SpaceRexWill They asked for the Synology account email, the serial number of the unit and a photo of the serial number of the NAS - in this way they could identify me. Then they turned of the 2FA, and I could log in without 2FA.
video idea - this could be updated, the screens and process have changed.
Just print the QR code and put that somewhere. Than you can setup authenticator all over again if you lost your phone.
And don’t use google for anything!
Apparently everyone else has to use it too.
You can choose who has to use it
@@SpaceRexWill How do i do that please?