2FA - does it work without limit?

[sadden3194]

Hi all!

a little question. I am using acme.sh on my synology as a docker container.
I have a user for this, which have 2FA enabled.

For this part I found these lines in the wiki:

Note that if the user entered for SYNO_Username has enabled two-factor authentication (2FA), the login will fail and the error states that user/password is wrong, even if both are correct. To fix this, simply follow the steps described at the [Synology DSM deployhook](https://github.com/acmesh-official/acme.sh/wiki/deployhooks#20-deploy-the-certificate-to-synology-dsm) wiki page - in short: log into your DSM via its website, making sure you've ticked Remember this device when asked for your OTP, get the did cookie's value and set the environment variable:

export SYNO_DID='YOUR VALUE'

Have the did cookie's value a limit time?
If yes I have to do this process every x days / month to get a new did?

[rioncm]

2FA really messes with the deploy process. If you can, dedicate a user without 2FA for this process. Setup a very unique user name and a very!! strong password. 2FA is always time sensitive. Even if you have the system "remember" the login it only last for 30 days. Certificate renewal is best between 80 and 90 days as the validity time is generally 90 days.