help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.
In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:
example
Or for longer, use three backticks above and below the code snippet:
longer
example
here
Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can
Nextcloud version (eg, 18.0.2): 20.0.2
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04
Apache or nginx version (eg, Apache 2.4.25): NGinx
PHP version (eg, 7.1): 7.4
The issue you are facing:
Since the activation of the 2fA via google authentificator, users have to login again and again when the browser is closed. Is there a possibility that the user remains logged in for xx h on the already activated device?
Is this the first time you’ve seen this error? (Y/N):
I have now tested everything with different browsers and also with different user logins.
Conclusion: With some users there is the problem of logging out after closing the browser. But there are also users who stay logged in. 2FA Is forced for all users.
I found the problem and it looks like it is a bug…
If the username contains a space, the cookie which indicates that you are already logged in to this system can probably not be read or correctly assigned. This means that you will have to log in again and again as soon as the browser is closed.
This was tested on 3 NC instances by creating one user with and one without spaces. The one without spaces remained logged in, the one with had to log in again and again.