manaul merge in of verdigado:master (see #753) (MFA/TOTP support)

DOCUMENTS/DOVECOT.txt

@@ -262,3 +262,13 @@ If you use dovecot 1.2 or newer,
 - use the 'quota2' table (also created by setup.php)
 - set $CONF['new_quota_table'] = 'YES'
 
+5. Dovecot Allowed IPs and App Password support (optional)
+----------------------------------------------------------
+
+To enhance end user security, Postfixadmin supports a set of features that
+need implementation in the Dovecot login SQL queries.
+
+The following features are available:
+
+* Restrict login to a list of allowed remote IP addresses.
+* Allow login with app passwords.

DOCUMENTS/Postfix-Dovecot-Postgresql-Example.md

@@ -236,3 +236,19 @@ password_query = SELECT username AS user,password FROM mailbox WHERE username =
 # Query to retrieve user information, note uid matches dovecot.conf AND Postfix virtual_uid_maps parameter.
 user_query = SELECT '/var/mail/vmail/' || maildir AS home, 8 as uid, 8 as gid FROM mailbox WHERE username = '%u' AND active = '1'
 ```
+
+Password query with app password and allowed remote IP support:
+```
+password query = SELECT user, password FROM (\
+  SELECT username AS user, password, '0' AS is_app_password FROM\
+  mailbox\
+  UNION\
+  SELECT username AS user, password, '1' AS is_app_password FROM mailbox_app_password\
+)\
+WHERE user='%u' AND password='%w' AND active=1 AND\
+(\
+  "%r" IN (SELECT ip FROM totp_exception_address WHERE username="%u" OR username IS NULL OR username="@%d")\
+  OR (SELECT totp_secret FROM mailbox WHERE usenamer="%u") IS NULL\
+  OR is_app_password='1'\
+)
+```

DOCUMENTS/SECURITY.txt

@@ -42,3 +42,45 @@ filesystem with the following exceptions:
 - the templates_c directory where Smarty caches the templates
 - PHP's session.save_path to store session files
 
+
+END USER SECURITY
+-----------------
+
+To enhance the security of admin and mailbox user accounts, Postfixadmin
+supports a set of different features:
+
+1. Multi-factor authentication with TOTP for admin and mailbox users.
+2. Synchronize the TOTP secret with a Mail front end, for example
+   Roundcubemail. This enables TRUSTED mail user clients (MUAs) to
+   implement MFA internally.
+3. Enable MUAs with allowed IP addresses to log in with username and
+   password. Use this feature with care. It basically deactivates MFA
+   for specified IPs. This feature is intended for mail user clients
+   that implement MFA themselves, for example Roundcubemail. However,
+   this can also be used to deactivate MFA when a VPN is used or other
+   use cases.
+4. Allow SMTP, IMAP and POP login with app passwords when a TOTP secret
+   is set. The app passwords cannot be used to log in at Postfixadmin
+   itself. That means only the normal user password plus the TOTP factor
+   allow adding, changing or removing app passwords.
+
+These features are DEACTIVATED by default because they need to be
+supported by your MTA/MDA configuration to become effective. Please
+read carefully through the documentation before activating these
+features.
+
+To activate those features, run through the following procedure:
+1. Change your MDA (and if required MTA) password query. You can
+   take a look at the example query listed in the
+   Postfix-Dovecot-Postgresql-Example.md file. The example should work
+   for Dovecot out of the box. 
+2. Set up synchronization of TOTP secrets with a mail user client
+   application. This is important. Otherwise MFA will not be used to
+   protect access to mails.
+   Use the mailbox_post_TOTP_change_secret_script setting in the
+   config.inc.php. The mailbox username and domain will be passed
+   as parameters, the shared secret via stdin. For Roundcubemail you can
+   have a look at the scripts/examples/sync-roundcubemail-totp.php example. 
+3. Activate TOTP and app passwords in the config.inc.php by setting
+   $CONF['totp'] = 'YES';
+   $CONF['app_passwords'] = 'YES';

composer.json

@@ -24,7 +24,9 @@
     "require": {
         "php": ">=7.2",
         "smarty/smarty": "^3|^4",
-        "postfixadmin/password-hashing": "^0.0.1"
+        "postfixadmin/password-hashing": "^0.0.1",
+        "endroid/qr-code": "^4.6",
+        "spomky-labs/otphp": "^10.0"
     },
     "require-dev": {
         "ext-mysqli":  "*",

config.inc.php

@@ -538,6 +538,16 @@ EOM;
 // address is legal by performing a name server look-up.
 $CONF['emailcheck_resolve_domain']='YES';
 
+// Use TOTP for logging into Postfixadmin, can be overridden for listed
+// IPs to allow access by software that provide their own checking.
+// Exceptions can be of user, domain or global scope.
+// This also bundles several menu items in a "security" dropdown.
+$CONF['totp'] = 'NO';
+
+// Use revokable application passwords to limit the risk of storing a
+// password in another system. These passwords can not access Postfixadmin.
+$CONF['app_passwords'] = 'NO';
+
 //
 //
 // OpenDKIM stuff
@@ -646,6 +656,34 @@ $CONF['mailbox_postdeletion_script'] = '';
 // $CONF['mailbox_postpassword_script']='sudo -u dovecot /usr/local/bin/postfixadmin-mailbox-postpassword.sh';
 $CONF['mailbox_postpassword_script'] = '';
 
+// Optional: See NOTE above.
+// Script to run after setting a mailbox TOTP secret.
+// Parameters: (1) username (2) domain
+// STDIN: TOTP secret + \0
+// $CONF['mailbox_post_TOTP_change_secret_script']='sudo -u dovecot /usr/local/bin/postfixadmin-mailbox-postpassword.sh';
+$CONF['mailbox_post_TOTP_change_secret_script'] = '';
+
+// Optional: See NOTE above.
+// Script to run after adding an exception address (disable TOTP).
+// Parameters: (1) username (2) ip
+// STDIN: TOTP secret + \0
+// $CONF['mailbox_post_exception_add_script']='sudo -u dovecot /usr/local/bin/postfixadmin-mailbox-postpassword.sh';
+$CONF['mailbox_post_totp_exception_add_script'] = '';
+
+// Optional: See NOTE above.
+// Script to run after deleting an exception address (disable TOTP).
+// Parameters: (1) username (2) ip
+// STDIN: TOTP secret + \0
+// $CONF['mailbox_post_totp_exception_delete_script']='sudo -u dovecot /usr/local/bin/postfixadmin-mailbox-postpassword.sh';
+$CONF['mailbox_post_totp_exception_delete_script'] = '';
+
+// Optional: See NOTE above.
+// Script to run after adding an app password.
+// Parameters: (1) username (2) app description
+// STDIN: password + \0
+// $CONF['mailbox_postapppassword_script']='sudo -u dovecot /usr/local/bin/postfixadmin-mailbox-postpassword.sh';
+$CONF['mailbox_postapppassword_script'] = '';
+
 // Optional: See NOTE above.
 // Script to run after creation of domains.
 // Parameters: (1) domain

configs/menu.conf

@@ -24,6 +24,9 @@ url_dkim_newkey = edit.php?table=dkim
 url_dkim_newsign = edit.php?table=dkimsigning
 # password
 url_password = edit.php?table=adminpassword
+url_totp = totp.php
+url_totp_exceptions = totp-exceptions.php
+url_app_passwords = app-passwords.php
 # backup
 url_backup = backup.php
 # viewlog
@@ -36,6 +39,7 @@ url_user_main = main.php
 url_user_edit_alias = edit-alias.php
 url_user_vacation = vacation.php
 url_user_password = password.php
+url_user_totp = totp.php
 url_user_logout = login.php
 
 

functions.inc.php

@@ -17,6 +17,22 @@
 
 $min_db_version = 1844;  # update (at least) before a release with the latest function numbrer in upgrade.php
 
+
+/**
+ * Check if the user already provided a password but not the second factor 
+ * @return boolean
+ */
+function authentication_mfa_incomplete() {
+    if (isset($_SESSION['sessid'])) {
+        if (isset($_SESSION['sessid']['mfa_complete'])) {
+            if ($_SESSION['sessid']['mfa_complete'] == false) {
+                return true;
+            }
+        }
+    }
+    return false;
+}
+
 /**
  * check_session
  *  Action: Check if a session already exists, if not redirect to login.php
@@ -102,14 +118,18 @@ function authentication_require_role($role)
  * @param boolean $is_admin true if the user is an admin, false otherwise
  * @return boolean true on success
  */
-function init_session($username, $is_admin = false)
+function init_session($username, $is_admin = false, $mfa_complete = false)
 {
     $status = session_regenerate_id(true);
     $_SESSION['sessid'] = array();
     $_SESSION['sessid']['roles'] = array();
+    if ($mfa_complete) {
         $_SESSION['sessid']['roles'][] = $is_admin ? 'admin' : 'user';
+        $_SESSION['sessid']['mfa_complete'] = true;
+    } else {
+        $_SESSION['sessid']['mfa_complete'] = false;
+    }
     $_SESSION['sessid']['username'] = $username;
-
     $_SESSION['PFA_token'] = md5(random_bytes(8) . uniqid('pfa', true));
 
     return $status;

languages/bg.lang

@@ -440,8 +440,60 @@ $PALANG['password_expiration'] = 'Pass expires'; # XXX
 $PALANG['password_expiration_desc'] = 'Date when password will expire'; # XXX
 $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
-
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/ca.lang

@@ -439,8 +439,60 @@ $PALANG['password_expiration'] = 'Pass expires'; # XXX
 $PALANG['password_expiration_desc'] = 'Date when password will expire'; # XXX
 $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
+$PALANG['pLegal_char_warning'] = 'Caràcter il·legal';A
+$PALANG['copy'] = 'Còpia';
+$PALANG['generate'] = 'Generat';
+$PALANG['pMenu_security'] = 'Seguretat';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'excepcions TOTP';
+$PALANG['pMenu_app_passwords'] = 'contrasenyes d\'aplicació';
+$PALANG['pUsersMain_totp_exceptions'] = 'Permeteu que les adreces IP de confiança accedeixin a la vostra bústia sense TOTP';
+$PALANG['pUsersMenu_totp'] = 'Canvi TOTP';
+$PALANG['pTOTP_welcome'] = 'Configuració de la contrasenya d\'una sola vegada basada en el temps';
+$PALANG['pUsersMain_totp'] = 'Configuració de la contrasenya d\'una sola vegada basada en el temps';
+$PALANG['pTOTP_secret'] = 'TOTP secret';
+$PALANG['pTOTP_code'] = 'Codi TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'TOTP secret';
+$PALANG['change_TOTP'] = 'Canviar configuració TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Nom d\'usuari';
+$PALANG['pTOTP_qr'] = 'Preguntes Freqüents - FAQ';
+$PALANG['pTOTP_confirm'] = 'Si us plau, confirmeu el vostre inici de sessió proporcionant el vostre codi TOTP actual';
+$PALANG['pTotp_failed'] = 'El teu codi introduït no és vàlid. Si us plau, introdueix dins de la caixa de text els caràcters que veu a la imatge de sota. Això és requerit per evitar enviaments automàtics.';
+$PALANG['pTotp_stored'] = 'Totp - Totp';
+$PALANG['pTotp_exceptions_welcome'] = 'Afegir adreça TOPT-exempta';
+$PALANG['pTotp_exceptions_user'] = 'Nom d\'usuari (o domini d\'administració)';
+$PALANG['pTotp_exceptions_add'] = 'Afegir excepció';
+$PALANG['pTotp_exceptions_address'] = 'Adreça IP';
+$PALANG['pTotp_exceptions_description'] = 'Descripció';
+$PALANG['pTotp_exceptions_list'] = 'excepcions existents';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Exclusió revocada';
+$PALANG['pTotp_exception_result_success'] = 'Excepcional afegit';
+$PALANG['pTotp_exception_result_error'] = 'No hi ha excepcions';
+$PALANG['pEdit_totp_exception_result_error'] = 'No es poden modificar excepcions de TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP no pot ser buit';
+$PALANG['pException_desc_empty_error'] = 'No hi ha comentaris';
+$PALANG['pException_user_entire_domain_error'] = 'Només els administradors poden afegir excepcions per a un domini sencer.';
+$PALANG['pException_user_global_error'] = 'Només els superadmins poden afegir excepcions globals';
+$PALANG['pUsersMain_app_passwords'] = 'Configuració de contrasenyes d\'app amb permissos reduïts';
+$PALANG['pApp_passwords_list'] = 'Preguntes Freqüents - FAQ';
+$PALANG['pApp_password_revoked'] = 'Exclusió revocada';
+$PALANG['pApp_passwords_welcome'] = 'Afegir contrasenya d\'aplicació';
+$PALANG['pAppPassAdd_result_success'] = 'Afegit una contrasenya d\'aplicació';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'La contrasenya no pot ser buida';
+$PALANG['pAppPassAdd_result_error'] = 'No es pot afegir la contrasenya de l\'aplicació';
+$PALANG['MFA_submit'] = 'Confirmar contrasenya';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Afegir excepció TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Suprimeix l\'excepció TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Afegir contrasenya d\'aplicació';
+$PALANG['mailbox_postapppassword_failed'] = 'L\'script de postapppassword de la bústia ha fallat, comproveu el registre d\'errors per obtenir més informació.';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'L\'escriptura d\'esborrament de l\'excepció de la bústia de correu va fallar, comproveu el registre d\'errors per obtenir més detalls.';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'L\'excepció de la bústia de correu a totp ha fallat l\'escriptura, comproveu el registre d\'errors per obtenir més detalls.';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'La bústia de correu ha fallat l\'script de canvi secret, comproveu el registre d\'errors per obtenir més informació.';
 
-$PALANG['pLegal_char_warning'] = 'Caràcter il·legal';
+$PALANG['TOTP_already_configured'] = 'TOTP ja està configurat per aquest compte, vols canviar el teu secret?';
+
+$PALANG['pApp_passwords_add'] = 'Afegir la contrasenya específica de l\'aplicació';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/cn.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = '非法性质';
+$PALANG['copy'] = '页: 1';
+$PALANG['generate'] = '基因';
+$PALANG['pMenu_security'] = '安全';
+$PALANG['pMenu_totp'] = '附 件';
+$PALANG['pMenu_totp_exceptions'] = '附 件';
+$PALANG['pMenu_app_passwords'] = '申请密码';
+$PALANG['pUsersMain_totp_exceptions'] = '允许信使的IP地址在无邮管处的情况下进入你的邮箱';
+$PALANG['pUsersMenu_totp'] = 'B. 变革';
+$PALANG['pTOTP_welcome'] = '设置基于时间的一次性密码';
+$PALANG['pUsersMain_totp'] = '设置基于时间的一次性密码';
+$PALANG['pTOTP_secret'] = '附 件';
+$PALANG['pTOTP_code'] = 'TP代码';
+$PALANG['pTOTP_secret_result_error'] = '不能改变秘密做法';
+$PALANG['change_TOTP'] = 'A. 变化情况';
+$PALANG['pTOTP_code_mismatch'] = '输入的单时密码不正确';
+$PALANG['pTOTP_qr'] = 'TOTP QR 代码';
+$PALANG['pTOTP_confirm'] = '请通过提供您目前的《入境许可证法》确认您的原样。';
+$PALANG['pTotp_failed'] = '你加入的法典无效。 请使用现行法典。';
+$PALANG['pTotp_stored'] = '你成功地确认了你的新的特工秘密。';
+$PALANG['pTotp_exceptions_welcome'] = '致开幕词';
+$PALANG['pTotp_exceptions_user'] = '用户名(或行政领域)';
+$PALANG['pTotp_exceptions_add'] = '增 编';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = '说明';
+$PALANG['pTotp_exceptions_list'] = '现有例外';
+$PALANG['pTotp_exceptions_revoke'] = '退约';
+$PALANG['pTotp_exceptions_revoked'] = '撤销的例外情况';
+$PALANG['pTotp_exception_result_success'] = '例外增加';
+$PALANG['pTotp_exception_result_error'] = '否';
+$PALANG['pEdit_totp_exception_result_error'] = '无法修改许可证制度的例外情况';
+$PALANG['pException_ip_empty_error'] = '知识产权不能空洞';
+$PALANG['pException_desc_empty_error'] = '描述不能空洞';
+$PALANG['pException_user_entire_domain_error'] = '只有行政才能增加整个领域的例外情况。';
+$PALANG['pException_user_global_error'] = '只有超级行政才能增加全球例外情况';
+$PALANG['pUsersMain_app_passwords'] = '设置可撤销的、特权减少的密码';
+$PALANG['pApp_passwords_list'] = '现有申请密码';
+$PALANG['pApp_password_revoked'] = '撤销的例外情况';
+$PALANG['pApp_passwords_welcome'] = '附录';
+$PALANG['pAppPassAdd_result_success'] = '添加申请密码';
+$PALANG['pAppPassAdd_pass_empty_error'] = '口号不能空洞';
+$PALANG['pAppPassAdd_result_error'] = '不要增加申请密码';
+$PALANG['MFA_submit'] = 'Confirmlogin';
+$PALANG['pViewlog_action_add_totp_exception'] = '附 件';
+$PALANG['pViewlog_action_delete_totp_exception'] = '删除备选案文';
+$PALANG['pViewlog_action_add_app_password'] = '附录';
+$PALANG['mailbox_postapppassword_failed'] = '邮箱的邮递申请词稿失败,核对错误记录,以供参考!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = '邮箱邮箱邮箱破除稿失败,详细核对错误记录!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = '邮箱邮箱的特例添加文字失败,核对错误的标识,以供参考!';
+$PALANG['mailbox_post_TOTP_change_failed'] = '邮箱邮箱贴上秘密变更信稿的工作失败了,核对错误记录的细节!';
+
+$PALANG['TOTP_already_configured'] = '你是否想改变你的秘密?';
+
+$PALANG['pApp_passwords_add'] = '添加针对具体申请的密码';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/cs.lang

@@ -456,6 +456,60 @@ $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Nelegální charakter';
 
+$PALANG['copy'] = 'Čeština';
+$PALANG['generate'] = 'Generovat';
+$PALANG['pMenu_security'] = 'Bezpečnost';
+$PALANG['pMenu_totp'] = 'Čeština';
+$PALANG['pMenu_totp_exceptions'] = 'Výjimku TOTP';
+$PALANG['pMenu_app_passwords'] = 'Aplikační hesla';
+$PALANG['pUsersMain_totp_exceptions'] = 'Povolit důvěryhodné IP adresy pro přístup k vaší poštovní schránce bez TOTP';
+$PALANG['pUsersMenu_totp'] = 'Změna TOTP';
+$PALANG['pTOTP_welcome'] = 'Nastavení hesla na bázi času';
+$PALANG['pUsersMain_totp'] = 'Nastavení hesla na bázi času';
+$PALANG['pTOTP_secret'] = 'TOTP tajemství';
+$PALANG['pTOTP_code'] = 'TOTP kód';
+$PALANG['pTOTP_secret_result_error'] = 'Nelze změnit tajemství TOTP';
+$PALANG['change_TOTP'] = 'Změna nastavení TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Nesprávná jednostranná slova zadané';
+$PALANG['pTOTP_qr'] = 'TOTP QR kód';
+$PALANG['pTOTP_confirm'] = 'Prosím, potvrďte svůj login tím, že vám poskytne aktuální kód TOTP';
+$PALANG['pTotp_failed'] = 'Váš zadaný kód není platný. Použijte aktuální kód.';
+$PALANG['pTotp_stored'] = 'Úspěšně potvrzujete, že Váš nový TOTP tajemství.';
+$PALANG['pTotp_exceptions_welcome'] = 'Přidat adresu TOPT-exempt';
+$PALANG['pTotp_exceptions_user'] = 'Uživatelské jméno (nebo doména pro administrátory)';
+$PALANG['pTotp_exceptions_add'] = 'Přidat výjimku';
+$PALANG['pTotp_exceptions_address'] = 'IP-Adresa';
+$PALANG['pTotp_exceptions_description'] = 'Čeština';
+$PALANG['pTotp_exceptions_list'] = 'Stávající výjimky';
+$PALANG['pTotp_exceptions_revoke'] = 'Čeština';
+$PALANG['pTotp_exceptions_revoked'] = 'S výjimkou odvolání';
+$PALANG['pTotp_exception_result_success'] = 'S výjimkou přidané';
+$PALANG['pTotp_exception_result_error'] = 'Nelze přidat výjimku';
+$PALANG['pEdit_totp_exception_result_error'] = 'Nelze upravit výjimky TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP nelze vyprázdnit';
+$PALANG['pException_desc_empty_error'] = 'Popis nelze vyprázdnit';
+$PALANG['pException_user_entire_domain_error'] = 'Pouze administrátory mohou přidávat výjimky pro celou doménu.';
+$PALANG['pException_user_global_error'] = 'Pouze superadminy mohou přidat globální výjimky';
+$PALANG['pUsersMain_app_passwords'] = 'Nastavení revokovatelné heslo aplikace se sníženou oprávněními';
+$PALANG['pApp_passwords_list'] = 'Stávající heslo aplikace';
+$PALANG['pApp_password_revoked'] = 'S výjimkou odvolání';
+$PALANG['pApp_passwords_welcome'] = 'Přidat heslo aplikace';
+$PALANG['pAppPassAdd_result_success'] = 'Přidáno heslo aplikace';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Heslo nelze vyprázdnit';
+$PALANG['pAppPassAdd_result_error'] = 'Nelze přidat heslo aplikace';
+$PALANG['MFA_submit'] = 'Potvrzení přihlášení';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Přidat výjimku TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Odstranění výjimky TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Přidat heslo aplikace';
+$PALANG['mailbox_postapppassword_failed'] = 'Poapppassword skript selhal, zkontrolujte protokol chyby pro podrobnosti!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Schránkový příspěvek totp výjimka odstranění skriptu selhal, zkontrolujte protokol chyby pro podrobnosti!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Poštovní schránka post totp výjimka přidat skript selhal, zkontrolujte protokol chyby pro podrobnosti!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Poštovní schránka post totp tajné změny skriptu selhal, zkontrolujte protokol chyby pro podrobnosti!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP je již nakonfigurován pro tento účet, chcete změnit tajemství?';
+
+$PALANG['pApp_passwords_add'] = 'Přidat heslo specifické pro aplikaci';
+
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */
 ?>

languages/da.lang

@@ -454,8 +454,63 @@ $PALANG['password_expiration_desc'] = 'Date when password will expire'; # XXX
 $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
   
+
 $PALANG['pLegal_char_warning'] = 'Ulovlig figur';
 
+$PALANG['copy'] = 'Kopiere Kopier';
+$PALANG['generate'] = 'Generer Generer';
+$PALANG['pMenu_security'] = 'Sikkerhed for sikkerhed';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'Undtagelser';
+$PALANG['pMenu_app_passwords'] = 'Ansøgningsadgangskoder';
+$PALANG['pUsersMain_totp_exceptions'] = 'Tillad betroede IP-adresser til at få adgang til din postkasse uden TOTP';
+$PALANG['pUsersMenu_totp'] = 'Ændre TOTP';
+$PALANG['pTOTP_welcome'] = 'Opsætning af din Time-baseret engangsadgangskode';
+$PALANG['pUsersMain_totp'] = 'Opsætning af din Time-baseret engangsadgangskode';
+$PALANG['pTOTP_secret'] = 'TOTP hemmelighed';
+$PALANG['pTOTP_code'] = 'TOTP kode';
+$PALANG['pTOTP_secret_result_error'] = 'Kan ikke ændre TOTP hemmelighed';
+$PALANG['change_TOTP'] = 'Ændre indstillingerne for TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Forkert et-time-password indtastet';
+$PALANG['pTOTP_qr'] = 'Log ind';
+$PALANG['pTOTP_confirm'] = 'Bekræft venligst dit login ved at give din nuværende TOTP-kode';
+$PALANG['pTotp_failed'] = 'Din indtastede kode er ikke gyldig. Brug venligst en aktuel kode.';
+$PALANG['pTotp_stored'] = 'Du har bekræftet din nye TOTP hemmelighed.';
+$PALANG['pTotp_exceptions_welcome'] = 'Tilføj TOPT-exempt adresse';
+$PALANG['pTotp_exceptions_user'] = 'Brugernavn (eller domæne for administratorer)';
+$PALANG['pTotp_exceptions_add'] = 'Tilføj undtagelse';
+$PALANG['pTotp_exceptions_address'] = 'IP-adresse';
+$PALANG['pTotp_exceptions_description'] = 'Beskrivelse Beskrivelse Beskrivelse Beskrivelse';
+$PALANG['pTotp_exceptions_list'] = 'Eksisterende undtagelser';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Undtagelse ophævet';
+$PALANG['pTotp_exception_result_success'] = 'Undtagelse tilføjet';
+$PALANG['pTotp_exception_result_error'] = 'Kan ikke tilføje undtagelse';
+$PALANG['pEdit_totp_exception_result_error'] = 'Kan ikke ændre TOTP undtagelser';
+$PALANG['pException_ip_empty_error'] = 'IP kan ikke være tomt';
+$PALANG['pException_desc_empty_error'] = 'Beskrivelse kan ikke være tomt';
+$PALANG['pException_user_entire_domain_error'] = 'Kun administratorer kan tilføje undtagelser for et helt domæne.';
+$PALANG['pException_user_global_error'] = 'Kun superadmins kan tilføje globale undtagelser';
+$PALANG['pUsersMain_app_passwords'] = 'Opsætning af hemmelige app-adgangskoder med reducerede privilegier';
+$PALANG['pApp_passwords_list'] = 'Eksisterende applikationsadgangskoder';
+$PALANG['pApp_password_revoked'] = 'Undtagelse ophævet';
+$PALANG['pApp_passwords_welcome'] = 'Tilføj adgangskode';
+$PALANG['pAppPassAdd_result_success'] = 'Tilføjet en adgangskode';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Adgangskode kan ikke være tomt';
+$PALANG['pAppPassAdd_result_error'] = 'Kan ikke tilføje ansøgningsadgangskode';
+$PALANG['MFA_submit'] = 'Bekræft login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Tilføj TOTP undtagelse';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Slette TOTP undtagelse';
+$PALANG['pViewlog_action_add_app_password'] = 'Tilføj adgangskode';
+$PALANG['mailbox_postapppassword_failed'] = 'postkassen postapppassword script mislykkedes, kontrollere fejlen log for detaljer!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'postkassen post totp undtagelse slette script mislykkedes, kontrollere fejlen log for detaljer!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'postkassen post totp undtagelse tilføjer script mislykkedes, kontrollere fejlen log for detaljer!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'postkassen post totp hemmeligt ændring script mislykkedes, kontrollere fejlen log for detaljer!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP er allerede konfigureret til denne konto, ønsker du at ændre din hemmelighed?';
+
+$PALANG['pApp_passwords_add'] = 'Tilføj adgangskode';
+
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */
 ?>

languages/de.lang

@@ -453,6 +453,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegaler Charakter';
+$PALANG['copy'] = 'Kopie';
+$PALANG['generate'] = 'Generieren';
+$PALANG['pMenu_security'] = 'Sicherheit';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP Ausnahmen';
+$PALANG['pMenu_app_passwords'] = 'Anwendungspasswörter';
+$PALANG['pUsersMain_totp_exceptions'] = 'Erlauben Sie vertrauenswürdige IP-Adressen ohne TOTP auf Ihr Postfach zugreifen';
+$PALANG['pUsersMenu_totp'] = 'Änderung von TOTP';
+$PALANG['pTOTP_welcome'] = 'Richten Sie Ihr zeitbasiertes Einmal-Passwort ein';
+$PALANG['pUsersMain_totp'] = 'Richten Sie Ihr zeitbasiertes Einmal-Passwort ein';
+$PALANG['pTOTP_secret'] = 'TOTP Geheimnis';
+$PALANG['pTOTP_code'] = 'TOTP-Code';
+$PALANG['pTOTP_secret_result_error'] = 'konnte nicht ändern TOTP Geheimnis';
+$PALANG['change_TOTP'] = 'TOTP-Einstellungen ändern';
+$PALANG['pTOTP_code_mismatch'] = 'Falsches Ein-Zeit-Passwort eingegeben';
+$PALANG['pTOTP_qr'] = 'TOTP QR-Code';
+$PALANG['pTOTP_confirm'] = 'Bitte bestätigen Sie Ihre Anmeldung durch die Bereitstellung Ihres aktuellen TOTP-Codes';
+$PALANG['pTotp_failed'] = 'Ihr eingegebener Code ist nicht gültig. Bitte benutzen Sie einen aktuellen Code.';
+$PALANG['pTotp_stored'] = 'Sie haben Ihr neues TOTP-Geheimnis erfolgreich bestätigt.';
+$PALANG['pTotp_exceptions_welcome'] = 'TOPT-exempt Adresse hinzufügen';
+$PALANG['pTotp_exceptions_user'] = 'Benutzername (oder Domain für Administratoren)';
+$PALANG['pTotp_exceptions_add'] = 'Ausnahme';
+$PALANG['pTotp_exceptions_address'] = 'IP-Adresse';
+$PALANG['pTotp_exceptions_description'] = 'Warenbezeichnung';
+$PALANG['pTotp_exceptions_list'] = 'Vorhandene Ausnahmen';
+$PALANG['pTotp_exceptions_revoke'] = 'Einnahmen';
+$PALANG['pTotp_exceptions_revoked'] = 'Ausnahme widerrufen';
+$PALANG['pTotp_exception_result_success'] = 'Ausnahme hinzugefügt';
+$PALANG['pTotp_exception_result_error'] = 'Kann keine Ausnahme hinzufügen';
+$PALANG['pEdit_totp_exception_result_error'] = 'Nicht zu ändern TOTP Ausnahmen';
+$PALANG['pException_ip_empty_error'] = 'IP kann nicht leer sein';
+$PALANG['pException_desc_empty_error'] = 'Beschreibung kann nicht leer sein';
+$PALANG['pException_user_entire_domain_error'] = 'Nur Admins können Ausnahmen für eine ganze Domain hinzufügen.';
+$PALANG['pException_user_global_error'] = 'Nur Superadmins können globale Ausnahmen hinzufügen';
+$PALANG['pUsersMain_app_passwords'] = 'Setup abnehmbare App-Passwörter mit reduzierten Privilegien';
+$PALANG['pApp_passwords_list'] = 'Vorhandene Anwendungspasswörter';
+$PALANG['pApp_password_revoked'] = 'Ausnahme widerrufen';
+$PALANG['pApp_passwords_welcome'] = 'Anwendungskennwort hinzufügen';
+$PALANG['pAppPassAdd_result_success'] = 'Ein Anwendungs-Passwort hinzugefügt';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Passwort kann nicht leer sein';
+$PALANG['pAppPassAdd_result_error'] = 'Das Anwendungskennwort nicht hinzufügen';
+$PALANG['MFA_submit'] = 'Anmeldung bestätigen';
+$PALANG['pViewlog_action_add_totp_exception'] = 'TOTP Ausnahme';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'TOTP Ausnahme löschen';
+$PALANG['pViewlog_action_add_app_password'] = 'Anwendungskennwort hinzufügen';
+$PALANG['mailbox_postapppassword_failed'] = 'Das Postbox Postapppassword-Skript fehlgeschlagen, überprüfen Sie das Fehlerprotokoll für Details!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Die Mailbox Post totp Ausnahme löschen Skript fehlgeschlagen, überprüfen Sie das Fehlerprotokoll für Details!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Die Postbox Post totp Ausnahme hinzufügen Skript fehlgeschlagen, überprüfen Sie das Fehlerprotokoll für Details!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Das Mailbox Post totp Secret Change Skript ist fehlgeschlagen, überprüfen Sie das Fehlerprotokoll für Details!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP ist bereits für dieses Konto konfiguriert, möchten Sie Ihr Geheimnis ändern?';
+
+$PALANG['pApp_passwords_add'] = 'Anwendungsspezifisches Passwort hinzufügen';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/en.lang

@@ -37,6 +37,8 @@ $PALANG['must_be_boolean'] = '%s must be boolean';
 $PALANG['invalid_value_given'] = 'Invalid value given for %s';
 $PALANG['edit_not_allowed'] = 'You are not allowed to edit %s';
 $PALANG['searchparams'] = 'Search parameters:';
+$PALANG['copy'] = 'Copy';
+$PALANG['generate'] = 'Generate';
 
 $PALANG['pFooter_logged_as'] = 'Logged in as %s';
 
@@ -57,7 +59,11 @@ $PALANG['pMenu_fetchmail'] = 'Fetch Email';
 $PALANG['pMenu_sendmail'] = 'Send Email';
 $PALANG['pMenu_dkim'] = 'Domain Keys';
 $PALANG['pMenu_dkim_signing'] = 'Signing Table';
+$PALANG['pMenu_security'] = 'Security';
 $PALANG['pMenu_password'] = 'Password';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions';
+$PALANG['pMenu_app_passwords'] = 'Application passwords';
 $PALANG['pMenu_viewlog'] = 'View Log';
 $PALANG['pMenu_logout'] = 'Logout';
 
@@ -174,6 +180,46 @@ $PALANG['pEdit_mailbox_quota_text_error'] = 'The quota that you specified is too
 $PALANG['pEdit_mailbox_domain_error'] = 'This domain is not yours: ';
 $PALANG['pEdit_mailbox_result_error'] = 'Unable to modify the mailbox!';
 
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP';
+$PALANG['pUsersMenu_totp'] = 'Change TOTP';
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password';
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password';
+$PALANG['pTOTP_secret'] = 'TOTP secret';
+$PALANG['pTOTP_code'] = 'TOTP code (empty to disable)';
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret';
+$PALANG['change_TOTP'] = 'Change TOTP settings';
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered';
+$PALANG['pTOTP_qr'] = 'TOTP QR-code';
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code';
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.';
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.';
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address';
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)';
+$PALANG['pTotp_exceptions_add'] = 'Add exception';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Description';
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked';
+$PALANG['pTotp_exception_result_success'] = 'Exception added';
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception';
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions';
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty';
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty';
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.';
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions';
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges';
+$PALANG['pApp_passwords_list'] = 'Existing application passwords';
+$PALANG['pApp_password_revoked'] = 'Exception revoked';
+$PALANG['pApp_passwords_welcome'] = 'Add application password';
+$PALANG['pMenu_app_passwords'] = 'Application passwords';
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty';
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password';
+#$PALANG[''] = '';
+
+$PALANG['MFA_submit'] = 'Confirm login';
+
 $PALANG['pPassword_welcome'] = 'Change your login password.';
 $PALANG['pPassword_admin'] = 'Login';
 $PALANG['pPassword_password_current'] = 'Current Password';
@@ -215,6 +261,8 @@ $PALANG['pViewlog_timestamp'] = 'Timestamp';
 $PALANG['pViewlog_action'] = 'Action';
 $PALANG['pViewlog_data'] = 'Data';
 
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception';
 $PALANG['pViewlog_action_create_domain'] = 'create domain';
 $PALANG['pViewlog_action_delete_domain'] = 'delete domain';
 $PALANG['pViewlog_action_edit_domain'] = 'edit domain';
@@ -231,6 +279,7 @@ $PALANG['pViewlog_action_edit_alias'] = 'edit alias';
 $PALANG['pViewlog_action_edit_alias_state'] = 'edit alias active';
 $PALANG['pViewlog_action_edit_alias_domain_state'] = 'edit alias domain active';
 $PALANG['pViewlog_action_edit_password'] = 'change password';
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password';
 $PALANG['pViewlog_action_create_admin'] = 'create admin';
 $PALANG['pViewlog_action_edit_admin'] = 'edit admin';
 $PALANG['pViewlog_action_delete_admin'] = 'delete admin';
@@ -314,6 +363,11 @@ $PALANG['mailbox_postdel_failed'] = 'The mailbox postdeletion script failed, che
 $PALANG['mailbox_postedit_failed'] = 'The mailbox postedit script failed, check the error log for details!';
 $PALANG['mailbox_postcreate_failed'] = 'The mailbox postcreate script failed, check the error log for details!';
 $PALANG['mailbox_postpassword_failed'] = 'The mailbox postpassword script failed, check the error log for details!';
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!';
+
 $PALANG['pAdminDelete_alias_domain_error'] = 'Unable to remove domain alias!';
 $PALANG['domain_conflict_vacation_domain'] = 'You can\'t use the vacation domain as mail domain!';
 
@@ -458,6 +512,8 @@ $PALANG['password_expiration_desc'] = 'Date when password will expire';
 $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX
 $PALANG['pLegal_char_warning']              = 'Illegal character';
+$PALANG['TOTP_already_configured']          = 'TOTP is already configured for this account, do you want to change your secret?';
+$PALANG['pApp_passwords_add']               = 'Add application-specific password';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/es.lang

@@ -443,6 +443,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Carácter ilegal';
+$PALANG['copy'] = 'Copiado';
+$PALANG['generate'] = 'Generar';
+$PALANG['pMenu_security'] = 'Seguridad';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'Excepciones de los programas';
+$PALANG['pMenu_app_passwords'] = 'Contraseñas de aplicación';
+$PALANG['pUsersMain_totp_exceptions'] = 'Permitir direcciones IP confiables para acceder a su buzón de correo sin TOTP';
+$PALANG['pUsersMenu_totp'] = 'Cambio';
+$PALANG['pTOTP_welcome'] = 'Configura tu contraseña de una sola vez basada en el tiempo';
+$PALANG['pUsersMain_totp'] = 'Configura tu contraseña de una sola vez basada en el tiempo';
+$PALANG['pTOTP_secret'] = 'ToTP secret';
+$PALANG['pTOTP_code'] = 'Código postal';
+$PALANG['pTOTP_secret_result_error'] = 'No podría cambiar el secreto de TOTP';
+$PALANG['change_TOTP'] = 'Cambiar la configuración TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Incorrecto una sola vez-password ingresado';
+$PALANG['pTOTP_qr'] = 'TOTP QR-code';
+$PALANG['pTOTP_confirm'] = 'Por favor, confirme su login proporcionando su código TOTP actual';
+$PALANG['pTotp_failed'] = 'Su código de entrada no es válido. Por favor, utilice un código actual.';
+$PALANG['pTotp_stored'] = 'Usted confirmó con éxito su nuevo secreto TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address';
+$PALANG['pTotp_exceptions_user'] = 'Nombre de usuario (o dominio para los administradores)';
+$PALANG['pTotp_exceptions_add'] = 'A excepción';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Descripción';
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions';
+$PALANG['pTotp_exceptions_revoke'] = 'Revocación';
+$PALANG['pTotp_exceptions_revoked'] = 'Excepción revocada';
+$PALANG['pTotp_exception_result_success'] = 'Excepción añadida';
+$PALANG['pTotp_exception_result_error'] = 'No se puede añadir excepción';
+$PALANG['pEdit_totp_exception_result_error'] = 'Incapaz de modificar excepciones TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP no puede estar vacía';
+$PALANG['pException_desc_empty_error'] = 'Descripción no puede estar vacía';
+$PALANG['pException_user_entire_domain_error'] = 'Sólo los administradores pueden añadir excepciones para todo un dominio.';
+$PALANG['pException_user_global_error'] = 'Sólo superadmins pueden añadir excepciones globales';
+$PALANG['pUsersMain_app_passwords'] = 'Configuración de contraseñas de aplicación recuperables con privilegios reducidos';
+$PALANG['pApp_passwords_list'] = 'contraseñas de aplicación existentes';
+$PALANG['pApp_password_revoked'] = 'Excepción revocada';
+$PALANG['pApp_passwords_welcome'] = 'Agregar contraseña de aplicación';
+$PALANG['pAppPassAdd_result_success'] = 'Añadido una contraseña de aplicación';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'La contraseña no puede estar vacía';
+$PALANG['pAppPassAdd_result_error'] = 'No se puede agregar contraseña de aplicación';
+$PALANG['MFA_submit'] = 'Confirme el login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Suprímase la excepción TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Agregar contraseña de aplicación';
+$PALANG['mailbox_postapppassword_failed'] = 'El script de correo postalapppassword falla, comprueba el registro de errores para detalles!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'La excepción de correo postal totp delete script falló, compruebe el registro de error para detalles!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'La excepción de correo postal totp añadir script falló, comprobar el registro de error para detalles!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'El correo postal totp secret change script falló, comprueba el registro de errores para detalles!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP ya está configurado para esta cuenta, ¿quieres cambiar tu secreto?';
+
+$PALANG['pApp_passwords_add'] = 'Añadir contraseña específica para aplicaciones';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/et.lang

@@ -445,6 +445,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/eu.lang

@@ -440,6 +440,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/fi.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Laitonta luonnetta';
+$PALANG['copy'] = 'Kopioita';
+$PALANG['generate'] = 'Sukupolvi';
+$PALANG['pMenu_security'] = 'Turvallisuusturvallisuus';
+$PALANG['pMenu_totp'] = 'Totta';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP-poikkeukset';
+$PALANG['pMenu_app_passwords'] = 'Käytä salasanoja';
+$PALANG['pUsersMain_totp_exceptions'] = 'Salli luotettujen IP-osoitteiden käyttää postilaatikkoasi ilman TOTP: tä';
+$PALANG['pUsersMenu_totp'] = 'Muutos TOTP';
+$PALANG['pTOTP_welcome'] = 'Aseta aikapohjainen One-time Password';
+$PALANG['pUsersMain_totp'] = 'Aseta aikapohjainen One-time Password';
+$PALANG['pTOTP_secret'] = 'Totp salaisuus';
+$PALANG['pTOTP_code'] = 'TOTP-koodi';
+$PALANG['pTOTP_secret_result_error'] = 'Ei voi muuttaa salaisuutta';
+$PALANG['change_TOTP'] = 'Muuta TOTP-asetuksia';
+$PALANG['pTOTP_code_mismatch'] = 'Väärä kertakäyttöinen salasana';
+$PALANG['pTOTP_qr'] = 'TOTP QR-koodi';
+$PALANG['pTOTP_confirm'] = 'Vahvista kirjautumisesi tarjoamalla nykyisen TOTP-koodisi.';
+$PALANG['pTotp_failed'] = 'Syötetty koodi ei ole voimassa. Käytä nykyistä koodia.';
+$PALANG['pTotp_stored'] = 'Olet onnistuneesti vahvistanut uuden TotP-salaisuutesi.';
+$PALANG['pTotp_exceptions_welcome'] = 'Lisää TOPT-vapaa osoite';
+$PALANG['pTotp_exceptions_user'] = 'Käyttäjänimi (tai domain for admins)';
+$PALANG['pTotp_exceptions_add'] = 'Lisä poikkeus';
+$PALANG['pTotp_exceptions_address'] = 'IP-osoite';
+$PALANG['pTotp_exceptions_description'] = 'Kuvaus';
+$PALANG['pTotp_exceptions_list'] = 'olemassa olevia poikkeuksia';
+$PALANG['pTotp_exceptions_revoke'] = 'peruutus';
+$PALANG['pTotp_exceptions_revoked'] = 'Poikkeus peruutettu';
+$PALANG['pTotp_exception_result_success'] = 'Poikkeus lisätty';
+$PALANG['pTotp_exception_result_error'] = 'Poikkeusta ei voi lisätä';
+$PALANG['pEdit_totp_exception_result_error'] = 'TOTP-poikkeuksia ei voi muuttaa';
+$PALANG['pException_ip_empty_error'] = 'IP ei voi olla tyhjä';
+$PALANG['pException_desc_empty_error'] = 'Kuvaus ei voi olla tyhjä';
+$PALANG['pException_user_entire_domain_error'] = 'Vain annokset voivat lisätä poikkeuksia koko verkkotunnukselle.';
+$PALANG['pException_user_global_error'] = 'Vain superadminit voivat lisätä maailmanlaajuisia poikkeuksia';
+$PALANG['pUsersMain_app_passwords'] = 'Aseta peruutettavia sovellusssalasanoja, joilla on alennetut etuoikeudet';
+$PALANG['pApp_passwords_list'] = 'Nykyiset sovellusssalasanat';
+$PALANG['pApp_password_revoked'] = 'Poikkeus peruutettu';
+$PALANG['pApp_passwords_welcome'] = 'Lisää sovelluksen salasana';
+$PALANG['pAppPassAdd_result_success'] = 'Lisätään sovelluksen salasana';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password ei voi olla tyhjä';
+$PALANG['pAppPassAdd_result_error'] = 'Ei voi lisätä salasanaa';
+$PALANG['MFA_submit'] = 'Vahvista logiikka';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Lisää TOTP-poikkeus';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Poikkeuksen poistaminen';
+$PALANG['pViewlog_action_add_app_password'] = 'Lisää sovelluksen salasana';
+$PALANG['mailbox_postapppassword_failed'] = 'Postilaatikko postapppassword script epäonnistui, tarkista virheloki yksityiskohtiin!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Postilaatikkopoikkeuspoikkeus poistettu käsikirjoitus epäonnistui, tarkista virheloki yksityiskohtiin!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Postilaatikkopoikkeuksen lisäosa käsikirjoitus epäonnistui, tarkista virheloki yksityiskohtiin!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Postilaatikkopostilaatikko totp salainen muutos käsikirjoitus epäonnistui, tarkista virheloki yksityiskohtiin!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP on jo määritetty tälle tilille, haluatko muuttaa salaisuutesi?';
+
+$PALANG['pApp_passwords_add'] = 'Lisää sovelluskohtainen salasana';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/fo.lang

@@ -446,6 +446,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/fr.lang

@@ -446,6 +446,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Caractère illégal';
+$PALANG['copy'] = 'Copie';
+$PALANG['generate'] = 'Génération';
+$PALANG['pMenu_security'] = 'Sécurité';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'Exceptions TOTP';
+$PALANG['pMenu_app_passwords'] = 'Mot de passe d\'application';
+$PALANG['pUsersMain_totp_exceptions'] = 'Permettre des adresses IP fiables pour accéder à votre boîte aux lettres sans TOTP';
+$PALANG['pUsersMenu_totp'] = 'TOTP';
+$PALANG['pTOTP_welcome'] = 'Configuration de votre mot de passe à temps unique';
+$PALANG['pUsersMain_totp'] = 'Configuration de votre mot de passe à temps unique';
+$PALANG['pTOTP_secret'] = 'TOTP secret';
+$PALANG['pTOTP_code'] = 'Code TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Ne peut pas changer de secret TOTP';
+$PALANG['change_TOTP'] = 'Modifier les paramètres TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered';
+$PALANG['pTOTP_qr'] = 'Code QR TOTP';
+$PALANG['pTOTP_confirm'] = 'Veuillez confirmer votre login en fournissant votre code TOTP actuel';
+$PALANG['pTotp_failed'] = 'Votre code entré n\'est pas valide. Veuillez utiliser un code courant.';
+$PALANG['pTotp_stored'] = 'Vous avez confirmé avec succès votre nouveau secret TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address';
+$PALANG['pTotp_exceptions_user'] = 'Nom d\'utilisateur (ou domaine pour administrateurs)';
+$PALANG['pTotp_exceptions_add'] = 'Ajouter une exception';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Description';
+$PALANG['pTotp_exceptions_list'] = 'Exceptions existantes';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Exception révoquée';
+$PALANG['pTotp_exception_result_success'] = 'Exception ajoutée';
+$PALANG['pTotp_exception_result_error'] = 'Ne pas ajouter d ' exception';
+$PALANG['pEdit_totp_exception_result_error'] = 'Impossible de modifier les exceptions TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP ne peut pas être vide';
+$PALANG['pException_desc_empty_error'] = 'La description ne peut pas être vide';
+$PALANG['pException_user_entire_domain_error'] = 'Seuls les administrateurs peuvent ajouter des exceptions pour un domaine entier.';
+$PALANG['pException_user_global_error'] = 'Seuls les superadmins peuvent ajouter des exceptions globales';
+$PALANG['pUsersMain_app_passwords'] = 'Configuration de mots de passe réutilisables avec des privilèges réduits';
+$PALANG['pApp_passwords_list'] = 'Mot de passe d\'application existants';
+$PALANG['pApp_password_revoked'] = 'Exception révoquée';
+$PALANG['pApp_passwords_welcome'] = 'Ajouter un mot de passe';
+$PALANG['pAppPassAdd_result_success'] = 'Ajout d\'un mot de passe d\'application';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Le mot de passe ne peut pas être vide';
+$PALANG['pAppPassAdd_result_error'] = 'Impossible d\'ajouter un mot de passe';
+$PALANG['MFA_submit'] = 'Confirmer login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Ajouter une exception TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Supprimer l ' exception TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Ajouter un mot de passe';
+$PALANG['mailbox_postapppassword_failed'] = 'Le script mailbox postapppassword a échoué, vérifiez le journal d\'erreur pour les détails!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Le mailbox post totp exception supprimer script a échoué, vérifiez le journal d\'erreur pour les détails!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'L\'exception mailbox post totp add script failed, vérifiez le journal d\'erreur pour les détails!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Le script de changement de boîte aux lettres totp secret a échoué, vérifiez le journal d\'erreur pour plus de détails!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP est déjà configuré pour ce compte, voulez-vous changer votre secret ?';
+
+$PALANG['pApp_passwords_add'] = 'Ajouter un mot de passe spécifique à l\'application';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/gl.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/hr.lang

@@ -440,6 +440,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/hu.lang

@@ -454,6 +454,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegális karakter';
+$PALANG['copy'] = 'Másolás';
+$PALANG['generate'] = 'Generáció';
+$PALANG['pMenu_security'] = 'Biztonsági biztonság';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP kivételek';
+$PALANG['pMenu_app_passwords'] = 'Alkalmazási jelszavak';
+$PALANG['pUsersMain_totp_exceptions'] = 'Engedélyezze a megbízható IP-címeket, hogy hozzáférjen a postafiókjához TOTP nélkül';
+$PALANG['pUsersMenu_totp'] = 'változás TOTP';
+$PALANG['pTOTP_welcome'] = 'Állítsa be az időalapú egyszeri jelszót';
+$PALANG['pUsersMain_totp'] = 'Állítsa be az időalapú egyszeri jelszót';
+$PALANG['pTOTP_secret'] = 'TOTP titkos';
+$PALANG['pTOTP_code'] = 'TOTP kód';
+$PALANG['pTOTP_secret_result_error'] = 'Nem lehet megváltoztatni a TOTP titkát';
+$PALANG['change_TOTP'] = 'A TOTP beállítások módosítása';
+$PALANG['pTOTP_code_mismatch'] = 'Helytelen egyszeri jelszó lépett be';
+$PALANG['pTOTP_qr'] = 'TOTP QR kód';
+$PALANG['pTOTP_confirm'] = 'Kérjük, erősítse meg a bejelentkezést az aktuális TOTP kód megadásával';
+$PALANG['pTotp_failed'] = 'Az Ön belépett kódja nem érvényes. Kérjük, használja a jelenlegi kódot.';
+$PALANG['pTotp_stored'] = 'Sikeresen megerősítette az új TOTP titkát.';
+$PALANG['pTotp_exceptions_welcome'] = 'TOPT-mentes cím hozzáadása';
+$PALANG['pTotp_exceptions_user'] = 'Felhasználónév (vagy domain adminokhoz)';
+$PALANG['pTotp_exceptions_add'] = 'Kivétel hozzáadása';
+$PALANG['pTotp_exceptions_address'] = 'IP-cím';
+$PALANG['pTotp_exceptions_description'] = 'Leírás';
+$PALANG['pTotp_exceptions_list'] = 'Létező kivételek';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Kivételes visszavonulás';
+$PALANG['pTotp_exception_result_success'] = 'Exception hozzáadott';
+$PALANG['pTotp_exception_result_error'] = 'Nem lehet kivételt hozzáadni';
+$PALANG['pEdit_totp_exception_result_error'] = 'Képtelen módosítani a TOTP kivételeket';
+$PALANG['pException_ip_empty_error'] = 'Az IP nem lehet üres';
+$PALANG['pException_desc_empty_error'] = 'Leírás nem lehet üres';
+$PALANG['pException_user_entire_domain_error'] = 'Csak az adminok hozzáadhatnak kivételeket egy egész domainhez.';
+$PALANG['pException_user_global_error'] = 'Csak a szuperadminok képesek globális kivételeket hozzáadni';
+$PALANG['pUsersMain_app_passwords'] = 'Beállítás visszavonható alkalmazásjelszavak csökkentett kiváltságokkal';
+$PALANG['pApp_passwords_list'] = 'Létező alkalmazási jelszavak';
+$PALANG['pApp_password_revoked'] = 'Kivételes visszavonulás';
+$PALANG['pApp_passwords_welcome'] = 'Adjon alkalmazási jelszót';
+$PALANG['pAppPassAdd_result_success'] = 'Hozzáadott egy alkalmazási jelszót';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'A jelszó nem lehet üres';
+$PALANG['pAppPassAdd_result_error'] = 'Nem lehet hozzáadni az alkalmazási jelszót';
+$PALANG['MFA_submit'] = 'Confirm login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'TOTP kivétel hozzáadása';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'TOTP kivétel törlesztése';
+$PALANG['pViewlog_action_add_app_password'] = 'Adjon alkalmazási jelszót';
+$PALANG['mailbox_postapppassword_failed'] = 'A postaláda posztapppassword script nem sikerült, ellenőrizze a hibanaplót a részletekért!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'A mailbox post totp kivétel törlesztett szkript nem sikerült, ellenőrizze a hibanaplót a részletekért!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'A mailbox poszt totp kivétel hozzáadott script meghiúsult, ellenőrizze a hibanaplót a részletekért!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'A postaláda post totp titkos változás szkriptje kudarcot vallott, ellenőrizze a hibanaplót a részletekért!';
+
+$PALANG['TOTP_already_configured'] = 'A TOTP már ehhez a fiókhoz van konfigurálva, szeretné megváltoztatni a titkát?';
+
+$PALANG['pApp_passwords_add'] = 'Adjon alkalmazásspecifikus jelszót';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/is.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/it.lang

@@ -442,6 +442,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Carattere illegale';
+$PALANG['copy'] = 'Copia';
+$PALANG['generate'] = 'Generazione';
+$PALANG['pMenu_security'] = 'Sicurezza';
+$PALANG['pMenu_totp'] = 'TOTALE';
+$PALANG['pMenu_totp_exceptions'] = 'Eccezioni TOTP';
+$PALANG['pMenu_app_passwords'] = 'Password di applicazione';
+$PALANG['pUsersMain_totp_exceptions'] = 'Consentire indirizzi IP affidabili per accedere alla tua casella di posta senza TOTP';
+$PALANG['pUsersMenu_totp'] = 'Modifica del TOTP';
+$PALANG['pTOTP_welcome'] = 'Impostare la password di una volta basata sul tempo';
+$PALANG['pUsersMain_totp'] = 'Impostare la password di una volta basata sul tempo';
+$PALANG['pTOTP_secret'] = 'TOTP segreto';
+$PALANG['pTOTP_code'] = 'Codice TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Non potrebbe cambiare il segreto TOTP';
+$PALANG['change_TOTP'] = 'Modifica delle impostazioni TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Non corretta una volta-password inserita';
+$PALANG['pTOTP_qr'] = 'Codice QR TOTP';
+$PALANG['pTOTP_confirm'] = 'Si prega di confermare il login fornendo il codice TOTP corrente';
+$PALANG['pTotp_failed'] = 'Il codice inserito non è valido. Si prega di utilizzare un codice corrente.';
+$PALANG['pTotp_stored'] = 'Hai confermato con successo il tuo nuovo segreto TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Aggiungi l\'indirizzo TOPT-exempt';
+$PALANG['pTotp_exceptions_user'] = 'Nome utente (o dominio per amministratori)';
+$PALANG['pTotp_exceptions_add'] = 'Aggiungere l\'eccezione';
+$PALANG['pTotp_exceptions_address'] = 'Indirizzo IP';
+$PALANG['pTotp_exceptions_description'] = 'Designazione delle merci';
+$PALANG['pTotp_exceptions_list'] = 'Eccezioni esistenti';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Eccezione revocata';
+$PALANG['pTotp_exception_result_success'] = 'Eccezione aggiunto';
+$PALANG['pTotp_exception_result_error'] = 'Non è possibile aggiungere eccezione';
+$PALANG['pEdit_totp_exception_result_error'] = 'Incapace di modificare le eccezioni TOTP';
+$PALANG['pException_ip_empty_error'] = 'L\'IP non può essere vuoto';
+$PALANG['pException_desc_empty_error'] = 'Descrizione non può essere vuota';
+$PALANG['pException_user_entire_domain_error'] = 'Solo gli amministratori possono aggiungere eccezioni per un intero dominio.';
+$PALANG['pException_user_global_error'] = 'Solo i superadmin possono aggiungere eccezioni globali';
+$PALANG['pUsersMain_app_passwords'] = 'Impostare le password di app revocabili con privilegi ridotti';
+$PALANG['pApp_passwords_list'] = 'password di applicazione esistenti';
+$PALANG['pApp_password_revoked'] = 'Eccezione revocata';
+$PALANG['pApp_passwords_welcome'] = 'Aggiungi password dell\'applicazione';
+$PALANG['pAppPassAdd_result_success'] = 'Aggiunto un\'applicazione password';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'La password non può essere vuota';
+$PALANG['pAppPassAdd_result_error'] = 'Non è possibile aggiungere la password dell\'applicazione';
+$PALANG['MFA_submit'] = 'Confermare il login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Aggiungi l\'eccezione TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Eliminare l\'eccezione TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Aggiungi password dell\'applicazione';
+$PALANG['mailbox_postapppassword_failed'] = 'Lo script postapppassword casella di posta non è riuscito, controlla il registro di errore per i dettagli!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'L\'eccezione di mailbox post totp delete script fail, controllare il registro di errore per i dettagli!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'L\'eccezione mailbox post totp aggiunge lo script non riuscito, controlla il registro di errore per i dettagli!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Il mailbox post totp script di cambiamento segreto fallito, controllare il registro di errore per i dettagli!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP è già configurato per questo account, vuoi cambiare il tuo segreto?';
+
+$PALANG['pApp_passwords_add'] = 'Aggiungere la password specifica dell\'applicazione';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/ja.lang

@@ -452,6 +452,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = '違法な性格';
+$PALANG['copy'] = 'コピー';
+$PALANG['generate'] = '生成する';
+$PALANG['pMenu_security'] = 'セキュリティ';
+$PALANG['pMenu_totp'] = 'トピックス';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP例外';
+$PALANG['pMenu_app_passwords'] = 'アプリケーションパスワード';
+$PALANG['pUsersMain_totp_exceptions'] = '信頼できるIPアドレスをTOTPなしでメールボックスにアクセスできるようにする';
+$PALANG['pUsersMenu_totp'] = 'TOTPの変更';
+$PALANG['pTOTP_welcome'] = 'タイムベースワンタイムパスワードの設定';
+$PALANG['pUsersMain_totp'] = 'タイムベースワンタイムパスワードの設定';
+$PALANG['pTOTP_secret'] = 'TOTPシークレット';
+$PALANG['pTOTP_code'] = 'TOTPコード';
+$PALANG['pTOTP_secret_result_error'] = 'TOTPの秘密を変更できません';
+$PALANG['change_TOTP'] = 'TOTP設定の変更';
+$PALANG['pTOTP_code_mismatch'] = 'ワンタイムパスワードが入力されていない';
+$PALANG['pTOTP_qr'] = 'TOTP QRコード';
+$PALANG['pTOTP_confirm'] = '現在のTOTPコードを提供してログインを確認して下さい';
+$PALANG['pTotp_failed'] = '入力したコードは有効ではありません。 現在のコードを入力してください。';
+$PALANG['pTotp_stored'] = 'あなたの新しいTOTPの秘密を首尾よく確認しました。';
+$PALANG['pTotp_exceptions_welcome'] = 'TOPT免除アドレスを追加';
+$PALANG['pTotp_exceptions_user'] = 'ユーザー名(または管理者のドメイン)';
+$PALANG['pTotp_exceptions_add'] = '例外の追加';
+$PALANG['pTotp_exceptions_address'] = 'IPアドレス';
+$PALANG['pTotp_exceptions_description'] = 'コンテンツ';
+$PALANG['pTotp_exceptions_list'] = '既存の例外';
+$PALANG['pTotp_exceptions_revoke'] = 'ログイン';
+$PALANG['pTotp_exceptions_revoked'] = '例外が呼び出される';
+$PALANG['pTotp_exception_result_success'] = 'Exception を追加';
+$PALANG['pTotp_exception_result_error'] = '例外を追加できません';
+$PALANG['pEdit_totp_exception_result_error'] = 'TOTP例外を変更できない';
+$PALANG['pException_ip_empty_error'] = 'IPは空にすることはできません';
+$PALANG['pException_desc_empty_error'] = '説明は空にすることはできません';
+$PALANG['pException_user_entire_domain_error'] = '管理者だけがドメイン全体に例外を追加することができます。';
+$PALANG['pException_user_global_error'] = '管理者のみがグローバル例外を追加できます';
+$PALANG['pUsersMain_app_passwords'] = 'アプリのパスワードを設定し、権限を削減';
+$PALANG['pApp_passwords_list'] = '既存のパスワード';
+$PALANG['pApp_password_revoked'] = '例外が呼び出される';
+$PALANG['pApp_passwords_welcome'] = 'アプリケーションパスワードの追加';
+$PALANG['pAppPassAdd_result_success'] = 'アプリケーションパスワードを追加';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'パスワードが空にすることはできません';
+$PALANG['pAppPassAdd_result_error'] = 'アプリケーションパスワードを追加できません';
+$PALANG['MFA_submit'] = 'ログイン確認';
+$PALANG['pViewlog_action_add_totp_exception'] = 'TOTP例外の追加';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'TOTP例外の削除';
+$PALANG['pViewlog_action_add_app_password'] = 'アプリケーションパスワードの追加';
+$PALANG['mailbox_postapppassword_failed'] = 'mailbox postapppasswordスクリプトが失敗しました。詳細はエラーログを確認してください!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'mailbox 投稿 totp 例外削除スクリプト失敗、エラーログの詳細をチェック!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'mailbox post totp 例外はスクリプトが失敗し、エラーログを詳細にチェック!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'mailbox 投稿 totp シークレット変更スクリプトが失敗しました。詳細はエラーログを確認してください!';
+
+$PALANG['TOTP_already_configured'] = 'TOTPは既にこのアカウントで設定されていますが、秘密を変更したいですか?';
+
+$PALANG['pApp_passwords_add'] = 'アプリケーション固有のパスワードを追加する';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/lt.lang

@@ -447,6 +447,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/mk.lang

@@ -442,6 +442,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/nb.lang

@@ -442,6 +442,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/nl.lang

@@ -445,6 +445,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX
 $PALANG['To_Forward_Only']                  = 'Alleen Doorsturen'; # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegaal karakter';
+$PALANG['copy'] = 'Begrepen.';
+$PALANG['generate'] = 'Genereerd';
+$PALANG['pMenu_security'] = 'Beveiliging';
+$PALANG['pMenu_totp'] = 'Top';
+$PALANG['pMenu_totp_exceptions'] = 'ToTP uitzondering';
+$PALANG['pMenu_app_passwords'] = 'Applicatie wachtwoorden';
+$PALANG['pUsersMain_totp_exceptions'] = 'Laat IP-adressen toegang krijgen tot je brievenbus zonder ToTPP';
+$PALANG['pUsersMenu_totp'] = 'Verandering ToTP';
+$PALANG['pTOTP_welcome'] = 'Zet je Time-based One-time Password';
+$PALANG['pUsersMain_totp'] = 'Zet je Time-based One-time Password';
+$PALANG['pTOTP_secret'] = 'ToTP geheim';
+$PALANG['pTOTP_code'] = 'ToTP';
+$PALANG['pTOTP_secret_result_error'] = 'Kon ToTP geheim niet veranderen';
+$PALANG['change_TOTP'] = 'Verandering ToTP setting';
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password in';
+$PALANG['pTOTP_qr'] = 'ToTP QR-code';
+$PALANG['pTOTP_confirm'] = 'Bevestig uw login door uw huidige ToTP code';
+$PALANG['pTotp_failed'] = 'Je code is niet geldig. Gebruik alsjeblieft een huidige code.';
+$PALANG['pTotp_stored'] = 'Je hebt succesvol je nieuwe ToTP geheim bevestigd.';
+$PALANG['pTotp_exceptions_welcome'] = 'Vertaling:';
+$PALANG['pTotp_exceptions_user'] = 'Gebruikernaam (or domein voor administratie)';
+$PALANG['pTotp_exceptions_add'] = 'Voeg uitzondering toe.';
+$PALANG['pTotp_exceptions_address'] = 'IP-Addres';
+$PALANG['pTotp_exceptions_description'] = 'Beschrijving';
+$PALANG['pTotp_exceptions_list'] = 'Uitzondering';
+$PALANG['pTotp_exceptions_revoke'] = 'Herroep';
+$PALANG['pTotp_exceptions_revoked'] = 'Uitzondering ingetrokken';
+$PALANG['pTotp_exception_result_success'] = 'Uitzondering toegevoegd';
+$PALANG['pTotp_exception_result_error'] = 'Kon geen uitzondering toevoegen';
+$PALANG['pEdit_totp_exception_result_error'] = 'Niet in staat om ToTP uitzonderingen te veranderen';
+$PALANG['pException_ip_empty_error'] = 'IP kan niet leeg';
+$PALANG['pException_desc_empty_error'] = 'Beschrijving kan niet leeg zijn';
+$PALANG['pException_user_entire_domain_error'] = 'Alleen administratie kan uitzonderingen toevoegen voor een heel domein.';
+$PALANG['pException_user_global_error'] = 'Alleen superadminnen kunnen wereldwijde uitzonderingen toevoegen';
+$PALANG['pUsersMain_app_passwords'] = 'Vertaling:';
+$PALANG['pApp_passwords_list'] = 'Existing aanvragen wachtwoorden';
+$PALANG['pApp_password_revoked'] = 'Uitzondering ingetrokken';
+$PALANG['pApp_passwords_welcome'] = 'Voeg een wachtwoord toe.';
+$PALANG['pAppPassAdd_result_success'] = 'Voeg een toepassingsbewijs toe.';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Het wachtwoord kan niet leeg zijn';
+$PALANG['pAppPassAdd_result_error'] = 'Kon geen toepassing toevoegen';
+$PALANG['MFA_submit'] = 'Bevestig de login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Vertaling:';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Verwijder ToTP uitzondering';
+$PALANG['pViewlog_action_add_app_password'] = 'Voeg een wachtwoord toe.';
+$PALANG['mailbox_postapppassword_failed'] = 'De postpassword script faalde, controleerde de foutenlog voor details.';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'De postbus uitzondering heeft gefaald, controleer het foute logboek voor details.';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'De postbus uitzondering van de postbus is gefaald, controleer het foute logboek voor details!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'De postbus van de postbus is gezakt. Controleer het foute logboek voor details.';
+
+$PALANG['TOTP_already_configured'] = 'ToTP is al in beslag genomen voor deze rekening, wil je je geheim veranderen?';
+
+$PALANG['pApp_passwords_add'] = 'Voeg een toepassing toe.';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/nn.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/pl.lang

@@ -447,6 +447,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Nielegalny charakter';
+$PALANG['copy'] = 'Copy';
+$PALANG['generate'] = 'Generating';
+$PALANG['pMenu_security'] = 'Security Security';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'Wyjątek TOTP';
+$PALANG['pMenu_app_passwords'] = 'Aplikacja hasła';
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow zaufał adresy IP, aby uzyskać dostęp do skrzynki pocztowej bez TOTP.';
+$PALANG['pUsersMenu_totp'] = 'Zmiana TOTP';
+$PALANG['pTOTP_welcome'] = 'Twoja wersja Onetime Password';
+$PALANG['pUsersMain_totp'] = 'Twoja wersja Onetime Password';
+$PALANG['pTOTP_secret'] = 'TOTP sekret';
+$PALANG['pTOTP_code'] = 'kod TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Could not change secret (ang.).';
+$PALANG['change_TOTP'] = 'Zmiana TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Nieprawdopodobny jednorazowo-pasmowy';
+$PALANG['pTOTP_qr'] = 'TOTP QR-code';
+$PALANG['pTOTP_confirm'] = 'Powiedzcie waszą loginą, zapewniając swój obecny kod TOTP.';
+$PALANG['pTotp_failed'] = 'Wejście do kodu nie jest ważne. Używa aktualnego kodu.';
+$PALANG['pTotp_stored'] = 'Pozwoliło mu się potwierdzić nowy sekret TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Addd TOPT-exempt address';
+$PALANG['pTotp_exceptions_user'] = 'Username (lub domena dla admin).';
+$PALANG['pTotp_exceptions_add'] = 'wyjątek';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Opis';
+$PALANG['pTotp_exceptions_list'] = 'wyjątek';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Wyjątek odwołany';
+$PALANG['pTotp_exception_result_success'] = 'dodać';
+$PALANG['pTotp_exception_result_error'] = 'Nie dodaje się żadnych wyrażeń.';
+$PALANG['pEdit_totp_exception_result_error'] = 'Nie mogąc dostosować wyjątków TOTP.';
+$PALANG['pException_ip_empty_error'] = 'IP nie może być pusty.';
+$PALANG['pException_desc_empty_error'] = 'Opis nie może być pusty';
+$PALANG['pException_user_entire_domain_error'] = 'Jedynie adminidy mogą dodawać wyjątek dla całego obszaru.';
+$PALANG['pException_user_global_error'] = 'Jedynie superadminidy mogą dodać globalne wyjątki.';
+$PALANG['pUsersMain_app_passwords'] = 'Przepisy ustawodawcze';
+$PALANG['pApp_passwords_list'] = 'Adaptacja hasła';
+$PALANG['pApp_password_revoked'] = 'Wyjątek odwołany';
+$PALANG['pApp_passwords_welcome'] = 'Adddupacja';
+$PALANG['pAppPassAdd_result_success'] = 'Wtedy aplikacja przechodzi słowo.';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Nie może być pusty';
+$PALANG['pAppPassAdd_result_error'] = 'Could not add the name password';
+$PALANG['MFA_submit'] = 'Confirm login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Wyjątek TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Wyjątek TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Adddupacja';
+$PALANG['mailbox_postapppassword_failed'] = 'Scenariusz pocztówki nie powiódł się, sprawdzając błąd w detalach.';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Wyjątek pocztówki z wyjątkiem skryptu nie powiódł się, sprawdzając błąd w detalach.';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Wyjątek pocztowy dodaje skrypt, sprawdzając błędy dla szczegółów.';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Scenariusz pocztowy po przeprowadzeniu tajnego scenariusza zmiany zaniechano, sprawdzając błąd dla szczegółów.';
+
+$PALANG['TOTP_already_configured'] = 'TOTP jest już skonfigurowany za to, że chcesz zmienić swój sekret?';
+
+$PALANG['pApp_passwords_add'] = 'Addd Application-specific password';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/pt-br.lang

@@ -454,6 +454,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Característica ilegítima';
+$PALANG['copy'] = 'Entendido.';
+$PALANG['generate'] = 'Gerar';
+$PALANG['pMenu_security'] = 'Segurança';
+$PALANG['pMenu_totp'] = 'TOPO';
+$PALANG['pMenu_totp_exceptions'] = 'Excepções TOTP';
+$PALANG['pMenu_app_passwords'] = 'Senhas de aplicação';
+$PALANG['pUsersMain_totp_exceptions'] = 'Permitir endereços IP confiáveis para acessar sua caixa de correio sem TOTP';
+$PALANG['pUsersMenu_totp'] = 'Alterar TOTP';
+$PALANG['pTOTP_welcome'] = 'Configure sua senha de uma só vez baseada em tempo';
+$PALANG['pUsersMain_totp'] = 'Configure sua senha de uma só vez baseada em tempo';
+$PALANG['pTOTP_secret'] = 'TOTP segredo';
+$PALANG['pTOTP_code'] = 'Código TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Não poderia mudar segredo TOTP';
+$PALANG['change_TOTP'] = 'Alterar configurações do TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Incorreto uma vez-password entrou';
+$PALANG['pTOTP_qr'] = 'Código de QR TOTP';
+$PALANG['pTOTP_confirm'] = 'Por favor, confirme o seu login fornecendo o seu código TOTP atual';
+$PALANG['pTotp_failed'] = 'Seu código inserido não é válido. Por favor, use um código atual.';
+$PALANG['pTotp_stored'] = 'Confirmaste com sucesso o teu novo segredo do TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Adicionar endereço TOPT-exempt';
+$PALANG['pTotp_exceptions_user'] = 'Nome de usuário (ou domínio para administradores)';
+$PALANG['pTotp_exceptions_add'] = 'Adicionar exceção';
+$PALANG['pTotp_exceptions_address'] = 'Endereço IP';
+$PALANG['pTotp_exceptions_description'] = 'Descrição';
+$PALANG['pTotp_exceptions_list'] = 'Excepções existentes';
+$PALANG['pTotp_exceptions_revoke'] = 'Revogado.';
+$PALANG['pTotp_exceptions_revoked'] = 'Exceção revogada';
+$PALANG['pTotp_exception_result_success'] = 'Exceção adicionada';
+$PALANG['pTotp_exception_result_error'] = 'Não poderia adicionar exceção';
+$PALANG['pEdit_totp_exception_result_error'] = 'Incapaz de modificar exceções TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP não pode ser vazio';
+$PALANG['pException_desc_empty_error'] = 'Descrição não pode ser vazia';
+$PALANG['pException_user_entire_domain_error'] = 'Apenas os administradores podem adicionar exceções para um domínio inteiro.';
+$PALANG['pException_user_global_error'] = 'Apenas os superadmins podem adicionar exceções globais';
+$PALANG['pUsersMain_app_passwords'] = 'Configurar senhas de aplicativos revokable com privilégios reduzidos';
+$PALANG['pApp_passwords_list'] = 'Senhas de aplicação existentes';
+$PALANG['pApp_password_revoked'] = 'Exceção revogada';
+$PALANG['pApp_passwords_welcome'] = 'Adicionar senha do aplicativo';
+$PALANG['pAppPassAdd_result_success'] = 'Adicionado uma senha de aplicação';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'A senha não pode estar vazia';
+$PALANG['pAppPassAdd_result_error'] = 'Não poderia adicionar senha de aplicação';
+$PALANG['MFA_submit'] = 'Confirme login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Adicionar exceção TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Excluir exceção TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Adicionar senha do aplicativo';
+$PALANG['mailbox_postapppassword_failed'] = 'O script postapppassword da caixa de correio falhou, verifique o registro de erro para detalhes!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'A caixa de correio post totp exceção excluir script falhou, verifique o registro de erro para detalhes!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'A exceção totp post caixa de correio adiciona script falhou, verifique o registro de erro para detalhes!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'A caixa de correio post totp secreto mudar script falhou, verifique o registro de erro para detalhes!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP já está configurado para esta conta, você quer mudar seu segredo?';
+
+$PALANG['pApp_passwords_add'] = 'Adicionar senha específica do aplicativo';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/pt-pt.lang

@@ -454,6 +454,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Característica ilegítima';
+$PALANG['copy'] = 'Entendido.';
+$PALANG['generate'] = 'Gerar';
+$PALANG['pMenu_security'] = 'Segurança';
+$PALANG['pMenu_totp'] = 'TOPO';
+$PALANG['pMenu_totp_exceptions'] = 'Excepções TOTP';
+$PALANG['pMenu_app_passwords'] = 'Senhas de aplicação';
+$PALANG['pUsersMain_totp_exceptions'] = 'Permitir endereços IP confiáveis para acessar sua caixa de correio sem TOTP';
+$PALANG['pUsersMenu_totp'] = 'Alterar TOTP';
+$PALANG['pTOTP_welcome'] = 'Configure sua senha de uma só vez baseada em tempo';
+$PALANG['pUsersMain_totp'] = 'Configure sua senha de uma só vez baseada em tempo';
+$PALANG['pTOTP_secret'] = 'TOTP segredo';
+$PALANG['pTOTP_code'] = 'Código TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Não poderia mudar segredo TOTP';
+$PALANG['change_TOTP'] = 'Alterar configurações do TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Incorreto uma vez-password entrou';
+$PALANG['pTOTP_qr'] = 'Código de QR TOTP';
+$PALANG['pTOTP_confirm'] = 'Por favor, confirme o seu login fornecendo o seu código TOTP atual';
+$PALANG['pTotp_failed'] = 'Seu código inserido não é válido. Por favor, use um código atual.';
+$PALANG['pTotp_stored'] = 'Confirmaste com sucesso o teu novo segredo do TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Adicionar endereço TOPT-exempt';
+$PALANG['pTotp_exceptions_user'] = 'Nome de usuário (ou domínio para administradores)';
+$PALANG['pTotp_exceptions_add'] = 'Adicionar exceção';
+$PALANG['pTotp_exceptions_address'] = 'Endereço IP';
+$PALANG['pTotp_exceptions_description'] = 'Descrição';
+$PALANG['pTotp_exceptions_list'] = 'Excepções existentes';
+$PALANG['pTotp_exceptions_revoke'] = 'Revogado.';
+$PALANG['pTotp_exceptions_revoked'] = 'Exceção revogada';
+$PALANG['pTotp_exception_result_success'] = 'Exceção adicionada';
+$PALANG['pTotp_exception_result_error'] = 'Não poderia adicionar exceção';
+$PALANG['pEdit_totp_exception_result_error'] = 'Incapaz de modificar exceções TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP não pode ser vazio';
+$PALANG['pException_desc_empty_error'] = 'Descrição não pode ser vazia';
+$PALANG['pException_user_entire_domain_error'] = 'Apenas os administradores podem adicionar exceções para um domínio inteiro.';
+$PALANG['pException_user_global_error'] = 'Apenas os superadmins podem adicionar exceções globais';
+$PALANG['pUsersMain_app_passwords'] = 'Configurar senhas de aplicativos revokable com privilégios reduzidos';
+$PALANG['pApp_passwords_list'] = 'Senhas de aplicação existentes';
+$PALANG['pApp_password_revoked'] = 'Exceção revogada';
+$PALANG['pApp_passwords_welcome'] = 'Adicionar senha do aplicativo';
+$PALANG['pAppPassAdd_result_success'] = 'Adicionado uma senha de aplicação';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'A senha não pode estar vazia';
+$PALANG['pAppPassAdd_result_error'] = 'Não poderia adicionar senha de aplicação';
+$PALANG['MFA_submit'] = 'Confirme login';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Adicionar exceção TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Excluir exceção TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Adicionar senha do aplicativo';
+$PALANG['mailbox_postapppassword_failed'] = 'O script postapppassword da caixa de correio falhou, verifique o registro de erro para detalhes!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'A caixa de correio post totp exceção excluir script falhou, verifique o registro de erro para detalhes!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'A exceção totp post caixa de correio adiciona script falhou, verifique o registro de erro para detalhes!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'A caixa de correio post totp secreto mudar script falhou, verifique o registro de erro para detalhes!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP já está configurado para esta conta, você quer mudar seu segredo?';
+
+$PALANG['pApp_passwords_add'] = 'Adicionar senha específica do aplicativo';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/ro.lang

@@ -453,6 +453,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/ru.lang

@@ -455,6 +455,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Незаконный характер';
+$PALANG['copy'] = 'Копировать';
+$PALANG['generate'] = 'Создание';
+$PALANG['pMenu_security'] = 'Безопасность';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'Исключения из КТВ';
+$PALANG['pMenu_app_passwords'] = 'Пароли приложений';
+$PALANG['pUsersMain_totp_exceptions'] = 'Позволить доверенным IP-адресам получать доступ к почтовому ящику без TOTP';
+$PALANG['pUsersMenu_totp'] = 'Изменение TOTP';
+$PALANG['pTOTP_welcome'] = 'Настройка одноразового пароля на основе времени';
+$PALANG['pUsersMain_totp'] = 'Настройка одноразового пароля на основе времени';
+$PALANG['pTOTP_secret'] = 'Секрет TOTP';
+$PALANG['pTOTP_code'] = 'Код TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Невозможно изменить секрет TOTP';
+$PALANG['change_TOTP'] = 'Изменение параметров TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Некорректный одноразовый пароль введен';
+$PALANG['pTOTP_qr'] = 'TOTP QR-код';
+$PALANG['pTOTP_confirm'] = 'Пожалуйста, подтвердите свой логин, предоставив ваш текущий код TOTP';
+$PALANG['pTotp_failed'] = 'Ваш введенный код недействителен. Пожалуйста, используйте текущий код.';
+$PALANG['pTotp_stored'] = 'Вы успешно подтвердили свой новый секрет TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Добавить адрес TOPT';
+$PALANG['pTotp_exceptions_user'] = 'Имя пользователя (или домен для администраторов)';
+$PALANG['pTotp_exceptions_add'] = 'Добавить исключение';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Описание';
+$PALANG['pTotp_exceptions_list'] = 'Существующие исключения';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Исключение отменено';
+$PALANG['pTotp_exception_result_success'] = 'Добавлено исключение';
+$PALANG['pTotp_exception_result_error'] = 'Невозможно добавить исключение';
+$PALANG['pEdit_totp_exception_result_error'] = 'Невозможно изменить исключения из TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP не может быть пустым';
+$PALANG['pException_desc_empty_error'] = 'Описание не может быть пустым';
+$PALANG['pException_user_entire_domain_error'] = 'Только администраторы могут добавлять исключения для всего домена.';
+$PALANG['pException_user_global_error'] = 'Только суперадминистраторы могут добавлять глобальные исключения';
+$PALANG['pUsersMain_app_passwords'] = 'Настройка отмененных паролей приложений с ограниченными привилегиями';
+$PALANG['pApp_passwords_list'] = 'Существующие пароли приложений';
+$PALANG['pApp_password_revoked'] = 'Исключение отменено';
+$PALANG['pApp_passwords_welcome'] = 'Добавить пароль приложения';
+$PALANG['pAppPassAdd_result_success'] = 'Добавить пароль приложения';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Пароль не может быть пустым';
+$PALANG['pAppPassAdd_result_error'] = 'Невозможно добавить пароль приложения';
+$PALANG['MFA_submit'] = 'Подтверждение входа';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Добавить исключение TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Исключить исключение ТОТП';
+$PALANG['pViewlog_action_add_app_password'] = 'Добавить пароль приложения';
+$PALANG['mailbox_postapppassword_failed'] = 'Почтовый почтовый ящик не удалось, проверьте журнал ошибок для деталей!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Исключение исключения из почтового ящика для удаления скрипта не удалось, проверьте журнал ошибок для деталей!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Добавить в список почтового ящика не удалось, проверьте журнал ошибок для деталей!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Почтовый почтовый ящик с секретным сценарием изменения не удалось, проверьте журнал ошибок для деталей!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP уже настроен для этой учетной записи, хотите ли вы изменить свой секрет?';
+
+$PALANG['pApp_passwords_add'] = 'Добавить пароль для приложения';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/sk.lang

@@ -442,6 +442,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Nelegálne charakter';
+$PALANG['copy'] = 'Kopírovať';
+$PALANG['generate'] = 'Generovať';
+$PALANG['pMenu_security'] = 'Bezpečnosť';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP výnimky';
+$PALANG['pMenu_app_passwords'] = 'Aplikačné heslá';
+$PALANG['pUsersMain_totp_exceptions'] = 'Umožniť dôveryhodné IP-adresy prístup k poštovej schránke bez TOTP';
+$PALANG['pUsersMenu_totp'] = 'Zmena TOTP';
+$PALANG['pTOTP_welcome'] = 'Nastaviť svoje časové heslo';
+$PALANG['pUsersMain_totp'] = 'Nastaviť svoje časové heslo';
+$PALANG['pTOTP_secret'] = 'TOTP tajomstvo';
+$PALANG['pTOTP_code'] = 'Kód TOTP';
+$PALANG['pTOTP_secret_result_error'] = 'Nemožno zmeniť TOTP tajomstvo';
+$PALANG['change_TOTP'] = 'Zmena nastavení TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Nesprávne jednorázové slovo zadané';
+$PALANG['pTOTP_qr'] = 'TOTP QR kód';
+$PALANG['pTOTP_confirm'] = 'Prosím, potvrďte svoje prihlásenie tým, že poskytnete svoj aktuálny kód TOTP';
+$PALANG['pTotp_failed'] = 'Váš zapísaný kód nie je platný. Použite aktuálny kód.';
+$PALANG['pTotp_stored'] = 'Úspešne ste potvrdili nové TOTP tajomstvo.';
+$PALANG['pTotp_exceptions_welcome'] = 'Pridať TOPT-exempt adresu';
+$PALANG['pTotp_exceptions_user'] = 'Užívateľské meno (alebo doména pre administrátorov)';
+$PALANG['pTotp_exceptions_add'] = 'Pridať výnimku';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Opis';
+$PALANG['pTotp_exceptions_list'] = 'Existujúce výnimky';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Odvolané';
+$PALANG['pTotp_exception_result_success'] = 'Výnimočnosť pridané';
+$PALANG['pTotp_exception_result_error'] = 'Nemohol pridať výnimku';
+$PALANG['pEdit_totp_exception_result_error'] = 'Nemožno zmeniť TOTP výnimky';
+$PALANG['pException_ip_empty_error'] = 'IP nemôže byť prázdne';
+$PALANG['pException_desc_empty_error'] = 'Popis nemôže byť prázdny';
+$PALANG['pException_user_entire_domain_error'] = 'Iba administrátori môžu pridať výnimky pre celú doménu.';
+$PALANG['pException_user_global_error'] = 'Iba superadmins môžu pridať globálne výnimky';
+$PALANG['pUsersMain_app_passwords'] = 'Nastavenie reprovokovateľné app heslá s znížené privilégiá';
+$PALANG['pApp_passwords_list'] = 'Existujúce aplikačné heslá';
+$PALANG['pApp_password_revoked'] = 'Odvolané';
+$PALANG['pApp_passwords_welcome'] = 'Pridať aplikačné heslo';
+$PALANG['pAppPassAdd_result_success'] = 'Pridané heslo aplikácie';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Heslo nemôže byť prázdne';
+$PALANG['pAppPassAdd_result_error'] = 'Nemožno pridať aplikačné heslo';
+$PALANG['MFA_submit'] = 'Potvrdiť prihlásenie';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Pridať TOTP výnimku';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Odstrániť TOTP výnimku';
+$PALANG['pViewlog_action_add_app_password'] = 'Pridať aplikačné heslo';
+$PALANG['mailbox_postapppassword_failed'] = 'Mail postapppassword skript zlyhal, skontrolujte chybový protokol pre detaily!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'poštová schránka totp výnimky odstrániť skript zlyhala, skontrolujte chybový protokol pre detaily!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'poštová schránka príspevok totp výnimka pridať skript zlyhal, skontrolujte chybový protokol pre detaily!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Mail totp tajné zmeny skript zlyhal, skontrolujte chybové protokol pre detaily!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP je už nakonfigurovaný pre tento účet, chcete zmeniť svoje tajomstvo?';
+
+$PALANG['pApp_passwords_add'] = 'Pridať aplikačné konkrétne heslo';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/sl.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Illegal character'; # XXX
+$PALANG['copy'] = 'Copy'; # XXX
+$PALANG['generate'] = 'Generate'; # XXX
+$PALANG['pMenu_security'] = 'Security'; # XXX
+$PALANG['pMenu_totp'] = 'TOTP'; # XXX
+$PALANG['pMenu_totp_exceptions'] = 'TOTP exceptions'; # XXX
+$PALANG['pMenu_app_passwords'] = 'Application passwords'; # XXX
+$PALANG['pUsersMain_totp_exceptions'] = 'Allow trusted IP-addresses to access your mailbox without TOTP'; # XXX
+$PALANG['pUsersMenu_totp'] = 'Change TOTP'; # XXX
+$PALANG['pTOTP_welcome'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pUsersMain_totp'] = 'Setup your Time-based One-time Password'; # XXX
+$PALANG['pTOTP_secret'] = 'TOTP secret'; # XXX
+$PALANG['pTOTP_code'] = 'TOTP code'; # XXX
+$PALANG['pTOTP_secret_result_error'] = 'Could not change TOTP secret'; # XXX
+$PALANG['change_TOTP'] = 'Change TOTP settings'; # XXX
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password entered'; # XXX
+$PALANG['pTOTP_qr'] = 'TOTP QR-code'; # XXX
+$PALANG['pTOTP_confirm'] = 'Please confirm your login by providing your current TOTP code'; # XXX
+$PALANG['pTotp_failed'] = 'Your entered code is not valid. Please use a current code.'; # XXX
+$PALANG['pTotp_stored'] = 'You successfully confirmed your new TOTP secret.'; # XXX
+$PALANG['pTotp_exceptions_welcome'] = 'Add TOPT-exempt address'; # XXX
+$PALANG['pTotp_exceptions_user'] = 'Username (or domain for admins)'; # XXX
+$PALANG['pTotp_exceptions_add'] = 'Add exception'; # XXX
+$PALANG['pTotp_exceptions_address'] = 'IP-Address'; # XXX
+$PALANG['pTotp_exceptions_description'] = 'Description'; # XXX
+$PALANG['pTotp_exceptions_list'] = 'Existing exceptions'; # XXX
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke'; # XXX
+$PALANG['pTotp_exceptions_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pTotp_exception_result_success'] = 'Exception added'; # XXX
+$PALANG['pTotp_exception_result_error'] = 'Could not add exception'; # XXX
+$PALANG['pEdit_totp_exception_result_error'] = 'Unable to modify TOTP exceptions'; # XXX
+$PALANG['pException_ip_empty_error'] = 'IP cannot be empty'; # XXX
+$PALANG['pException_desc_empty_error'] = 'Description cannot be empty'; # XXX
+$PALANG['pException_user_entire_domain_error'] = 'Only admins can add exceptions for an entire domain.'; # XXX
+$PALANG['pException_user_global_error'] = 'Only superadmins can add global exceptions'; # XXX
+$PALANG['pUsersMain_app_passwords'] = 'Setup revokable app passwords with reduced privileges'; # XXX
+$PALANG['pApp_passwords_list'] = 'Existing application passwords'; # XXX
+$PALANG['pApp_password_revoked'] = 'Exception revoked'; # XXX
+$PALANG['pApp_passwords_welcome'] = 'Add application password'; # XXX
+$PALANG['pAppPassAdd_result_success'] = 'Added an application password'; # XXX
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Password cannot be empty'; # XXX
+$PALANG['pAppPassAdd_result_error'] = 'Could not add application password'; # XXX
+$PALANG['MFA_submit'] = 'Confirm login'; # XXX
+$PALANG['pViewlog_action_add_totp_exception'] = 'Add TOTP exception'; # XXX
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP exception'; # XXX
+$PALANG['pViewlog_action_add_app_password'] = 'Add application password'; # XXX
+$PALANG['mailbox_postapppassword_failed'] = 'The mailbox postapppassword script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'The mailbox post totp exception delete script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'The mailbox post totp exception add script failed, check the error log for details!'; # XXX
+$PALANG['mailbox_post_TOTP_change_failed'] = 'The mailbox post totp secret change script failed, check the error log for details!'; # XXX
+
+$PALANG['TOTP_already_configured'] = 'TOTP is already configured for this account, do you want to change your secret?'; # XXX
+
+$PALANG['pApp_passwords_add'] = 'Add application-specific password'; # XXX
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/sv.lang

@@ -454,6 +454,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Olaglig karaktär';
+$PALANG['copy'] = 'Kopiera';
+$PALANG['generate'] = 'Generat';
+$PALANG['pMenu_security'] = 'Säkerhet';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP undantag';
+$PALANG['pMenu_app_passwords'] = 'Applikationslösenord';
+$PALANG['pUsersMain_totp_exceptions'] = 'Tillåt betrodda IP-adresser att komma åt din brevlåda utan TOTP';
+$PALANG['pUsersMenu_totp'] = 'Ändra TOTP';
+$PALANG['pTOTP_welcome'] = 'Ställ in ditt tidsbaserade engångslösenord';
+$PALANG['pUsersMain_totp'] = 'Ställ in ditt tidsbaserade engångslösenord';
+$PALANG['pTOTP_secret'] = 'TOTP hemlighet';
+$PALANG['pTOTP_code'] = 'TOTP-kod';
+$PALANG['pTOTP_secret_result_error'] = 'Kunde inte ändra TOTP hemlighet';
+$PALANG['change_TOTP'] = 'Ändra TOTP-inställningar';
+$PALANG['pTOTP_code_mismatch'] = 'Inkorrekt engångslösenord in';
+$PALANG['pTOTP_qr'] = 'TOTP QR-kod';
+$PALANG['pTOTP_confirm'] = 'Vänligen bekräfta din inloggning genom att ange din nuvarande TOTP-kod';
+$PALANG['pTotp_failed'] = 'Din inmatade kod är inte giltig. Använd en aktuell kod.';
+$PALANG['pTotp_stored'] = 'Du bekräftade framgångsrikt din nya TOTP-hemlighet.';
+$PALANG['pTotp_exceptions_welcome'] = 'Lägg till TOPT-befriad adress';
+$PALANG['pTotp_exceptions_user'] = 'Användarnamn (eller domän för administratörer)';
+$PALANG['pTotp_exceptions_add'] = 'Lägg till undantag';
+$PALANG['pTotp_exceptions_address'] = 'IP-adress';
+$PALANG['pTotp_exceptions_description'] = 'Beskrivning';
+$PALANG['pTotp_exceptions_list'] = 'Befintliga undantag';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'Undantag återkallas';
+$PALANG['pTotp_exception_result_success'] = 'Undantag till';
+$PALANG['pTotp_exception_result_error'] = 'Kunde inte lägga till undantag';
+$PALANG['pEdit_totp_exception_result_error'] = 'Kan inte ändra TOTP undantag';
+$PALANG['pException_ip_empty_error'] = 'IP kan inte vara tom';
+$PALANG['pException_desc_empty_error'] = 'Beskrivning kan inte vara tom';
+$PALANG['pException_user_entire_domain_error'] = 'Endast administratörer kan lägga till undantag för en hel domän.';
+$PALANG['pException_user_global_error'] = 'Endast superadminer kan lägga till globala undantag';
+$PALANG['pUsersMain_app_passwords'] = 'Setup återkallande app lösenord med minskade privilegier';
+$PALANG['pApp_passwords_list'] = 'Befintliga applikationslösenord';
+$PALANG['pApp_password_revoked'] = 'Undantag återkallas';
+$PALANG['pApp_passwords_welcome'] = 'Lägg till applikationslösenord';
+$PALANG['pAppPassAdd_result_success'] = 'Lägga till ett applikationslösenord';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Lösenord kan inte vara tomt';
+$PALANG['pAppPassAdd_result_error'] = 'Kunde inte lägga till applikationslösenord';
+$PALANG['MFA_submit'] = 'Bekräfta inloggning';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Lägg till TOTP undantag';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Ta bort TOTP undantag';
+$PALANG['pViewlog_action_add_app_password'] = 'Lägg till applikationslösenord';
+$PALANG['mailbox_postapppassword_failed'] = 'Postappsword-skriptet misslyckades, kontrollera felloggen för detaljer!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Post totp undantag bort script misslyckades, kontrollera felloggen för detaljer!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Post totp undantag lägg till skript misslyckades, kontrollera felloggen för detaljer!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Post totp Secret Change script misslyckades, kontrollera felloggen för detaljer!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP är redan konfigurerat för detta konto, vill du ändra din hemlighet?';
+
+$PALANG['pApp_passwords_add'] = 'Lägg till programspecifikt lösenord';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/tr.lang

@@ -441,6 +441,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Yasadışı karakter';
+$PALANG['copy'] = 'Kopya kopya';
+$PALANG['generate'] = 'Genrate';
+$PALANG['pMenu_security'] = 'Güvenlik Güvenliği';
+$PALANG['pMenu_totp'] = 'TOTP';
+$PALANG['pMenu_totp_exceptions'] = 'TOTP istisnaları';
+$PALANG['pMenu_app_passwords'] = 'Başvuru şifreleri';
+$PALANG['pUsersMain_totp_exceptions'] = 'TOTP olmadan posta kutunuza erişmek için güvenilir IP-addresses izin verin';
+$PALANG['pUsersMenu_totp'] = 'TOTP Change TOTP';
+$PALANG['pTOTP_welcome'] = 'Zaman tabanlı One-time Şifrenizi Değiştirin';
+$PALANG['pUsersMain_totp'] = 'Zaman tabanlı One-time Şifrenizi Değiştirin';
+$PALANG['pTOTP_secret'] = 'TOTP sırrı';
+$PALANG['pTOTP_code'] = 'TOTP kodu';
+$PALANG['pTOTP_secret_result_error'] = 'TOTP sırrını değiştiremez';
+$PALANG['change_TOTP'] = 'TOTP ayarlarını değiştirin';
+$PALANG['pTOTP_code_mismatch'] = 'Incorrect one-time-password girdi';
+$PALANG['pTOTP_qr'] = 'TOTP QR-code';
+$PALANG['pTOTP_confirm'] = 'Lütfen mevcut TOTP kodunu sağlayarak girişinizi onaylayın';
+$PALANG['pTotp_failed'] = 'Giriş kodunız geçerli değildir. Lütfen mevcut bir kodu kullanın.';
+$PALANG['pTotp_stored'] = 'Yeni TOTP sırrını başarıyla doğruladınız.';
+$PALANG['pTotp_exceptions_welcome'] = 'TOPT-exempt adresini ekleyin';
+$PALANG['pTotp_exceptions_user'] = 'Username (veya yönetici için alan)';
+$PALANG['pTotp_exceptions_add'] = 'Ekle istisna ek';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = 'Açıklama';
+$PALANG['pTotp_exceptions_list'] = 'Mevcut istisnalar istisnalar';
+$PALANG['pTotp_exceptions_revoke'] = 'Revoke';
+$PALANG['pTotp_exceptions_revoked'] = 'İstismar geri döndü';
+$PALANG['pTotp_exception_result_success'] = 'İstisna eklendi';
+$PALANG['pTotp_exception_result_error'] = 'istisna eklemek mümkün olmayabilir';
+$PALANG['pEdit_totp_exception_result_error'] = 'TOTP istisnalarını değiştirmek için kullanılamaz';
+$PALANG['pException_ip_empty_error'] = 'IP boş olamaz';
+$PALANG['pException_desc_empty_error'] = 'Açıklama boş olamaz';
+$PALANG['pException_user_entire_domain_error'] = 'Sadece yöneticiler tüm bir alan için istisnalar ekleyebilir.';
+$PALANG['pException_user_global_error'] = 'Sadece süper yöneticiler küresel istisnalar ekleyebilir';
+$PALANG['pUsersMain_app_passwords'] = 'Kurulum, daha düşük ayrıcalıklarla revize edilebilir uygulama şifrelerini revize eder';
+$PALANG['pApp_passwords_list'] = 'Mevcut uygulama şifreleri';
+$PALANG['pApp_password_revoked'] = 'İstismar geri döndü';
+$PALANG['pApp_passwords_welcome'] = 'Uygulama parolasını ekleyin';
+$PALANG['pAppPassAdd_result_success'] = 'Bir uygulama şifresi eklendi';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Şifre boş olamaz';
+$PALANG['pAppPassAdd_result_error'] = 'Uygulama şifresini ekleyebilir';
+$PALANG['MFA_submit'] = 'Onay girişi';
+$PALANG['pViewlog_action_add_totp_exception'] = 'TOTP istisna ek';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Delete TOTP istisna';
+$PALANG['pViewlog_action_add_app_password'] = 'Uygulama parolasını ekleyin';
+$PALANG['mailbox_postapppassword_failed'] = 'Posta kutusu postapppassword senaryosu başarısız oldu, ayrıntıları için hata logunu kontrol edin!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Posta kutusu post totp exception delete script başarısız oldu, ayrıntıları için hata logunu kontrol edin!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Posta kutusu post totp exception add script başarısız oldu, ayrıntıları için hata logunu kontrol edin!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Posta kutusu mesajı gizli değişiklik senaryosu başarısız oldu, ayrıntıları için hata logunu kontrol edin!';
+
+$PALANG['TOTP_already_configured'] = 'TOTP zaten bu hesap için yapılandırılmıştır, sırrını değiştirmek ister misiniz?';
+
+$PALANG['pApp_passwords_add'] = 'Uygulamaya özel şifre ekleyin';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/tw.lang

@@ -443,6 +443,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = '非法性质';
+$PALANG['copy'] = '页: 1';
+$PALANG['generate'] = '基因';
+$PALANG['pMenu_security'] = '安全';
+$PALANG['pMenu_totp'] = '附 件';
+$PALANG['pMenu_totp_exceptions'] = '附 件';
+$PALANG['pMenu_app_passwords'] = '申请密码';
+$PALANG['pUsersMain_totp_exceptions'] = '允许信使的IP地址在无邮管处的情况下进入你的邮箱';
+$PALANG['pUsersMenu_totp'] = 'B. 变革';
+$PALANG['pTOTP_welcome'] = '设置基于时间的一次性密码';
+$PALANG['pUsersMain_totp'] = '设置基于时间的一次性密码';
+$PALANG['pTOTP_secret'] = '附 件';
+$PALANG['pTOTP_code'] = 'TP代码';
+$PALANG['pTOTP_secret_result_error'] = '不能改变秘密做法';
+$PALANG['change_TOTP'] = 'A. 变化情况';
+$PALANG['pTOTP_code_mismatch'] = '输入的单时密码不正确';
+$PALANG['pTOTP_qr'] = 'TOTP QR 代码';
+$PALANG['pTOTP_confirm'] = '请通过提供您目前的《入境许可证法》确认您的原样。';
+$PALANG['pTotp_failed'] = '你加入的法典无效。 请使用现行法典。';
+$PALANG['pTotp_stored'] = '你成功地确认了你的新的特工秘密。';
+$PALANG['pTotp_exceptions_welcome'] = '致开幕词';
+$PALANG['pTotp_exceptions_user'] = '用户名(或行政领域)';
+$PALANG['pTotp_exceptions_add'] = '增 编';
+$PALANG['pTotp_exceptions_address'] = 'IP-Address';
+$PALANG['pTotp_exceptions_description'] = '说明';
+$PALANG['pTotp_exceptions_list'] = '现有例外';
+$PALANG['pTotp_exceptions_revoke'] = '退约';
+$PALANG['pTotp_exceptions_revoked'] = '撤销的例外情况';
+$PALANG['pTotp_exception_result_success'] = '例外增加';
+$PALANG['pTotp_exception_result_error'] = '否';
+$PALANG['pEdit_totp_exception_result_error'] = '无法修改许可证制度的例外情况';
+$PALANG['pException_ip_empty_error'] = '知识产权不能空洞';
+$PALANG['pException_desc_empty_error'] = '描述不能空洞';
+$PALANG['pException_user_entire_domain_error'] = '只有行政才能增加整个领域的例外情况。';
+$PALANG['pException_user_global_error'] = '只有超级行政才能增加全球例外情况';
+$PALANG['pUsersMain_app_passwords'] = '设置可撤销的、特权减少的密码';
+$PALANG['pApp_passwords_list'] = '现有申请密码';
+$PALANG['pApp_password_revoked'] = '撤销的例外情况';
+$PALANG['pApp_passwords_welcome'] = '附录';
+$PALANG['pAppPassAdd_result_success'] = '添加申请密码';
+$PALANG['pAppPassAdd_pass_empty_error'] = '口号不能空洞';
+$PALANG['pAppPassAdd_result_error'] = '不要增加申请密码';
+$PALANG['MFA_submit'] = 'Confirmlogin';
+$PALANG['pViewlog_action_add_totp_exception'] = '附 件';
+$PALANG['pViewlog_action_delete_totp_exception'] = '删除备选案文';
+$PALANG['pViewlog_action_add_app_password'] = '附录';
+$PALANG['mailbox_postapppassword_failed'] = '邮箱的邮递申请词稿失败,核对错误记录,以供参考!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = '邮箱邮箱邮箱破除稿失败,详细核对错误记录!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = '邮箱邮箱的特例添加文字失败,核对错误的标识,以供参考!';
+$PALANG['mailbox_post_TOTP_change_failed'] = '邮箱邮箱贴上秘密变更信稿的工作失败了,核对错误记录的细节!';
+
+$PALANG['TOTP_already_configured'] = '你是否想改变你的秘密?';
+
+$PALANG['pApp_passwords_add'] = '添加针对具体申请的密码';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

languages/ua.lang

@@ -456,6 +456,59 @@ $PALANG['To_Mailbox']                       = 'Mailbox'; # XXX # XXX
 $PALANG['To_Forward_Only']                  = 'Forward Only'; # XXX # XXX
 
 $PALANG['pLegal_char_warning'] = 'Нелегальний характер';
+$PALANG['copy'] = 'Партнерство';
+$PALANG['generate'] = 'Генерація';
+$PALANG['pMenu_security'] = 'Безпека';
+$PALANG['pMenu_totp'] = 'Твитнуть';
+$PALANG['pMenu_totp_exceptions'] = 'Виняток TOTP';
+$PALANG['pMenu_app_passwords'] = 'Заявка паролів';
+$PALANG['pUsersMain_totp_exceptions'] = 'Довіряємо IP-адресу для доступу до поштової скриньки без TOTP';
+$PALANG['pUsersMenu_totp'] = 'Змінення';
+$PALANG['pTOTP_welcome'] = 'Налаштування пароля на основі часу';
+$PALANG['pUsersMain_totp'] = 'Налаштування пароля на основі часу';
+$PALANG['pTOTP_secret'] = 'Секрет';
+$PALANG['pTOTP_code'] = 'Поштовий індекс';
+$PALANG['pTOTP_secret_result_error'] = 'Не можна змінити секрет TOTP';
+$PALANG['change_TOTP'] = 'Зміна налаштувань TOTP';
+$PALANG['pTOTP_code_mismatch'] = 'Некоректний одноразовий вхід';
+$PALANG['pTOTP_qr'] = 'QR-код';
+$PALANG['pTOTP_confirm'] = 'Будь ласка, підтвердіть свій логін, надавши Ваш поточний код';
+$PALANG['pTotp_failed'] = 'Ваш вхідний код не діє. Введіть номер мобільного, який Ви вказали при укладаннi договору з банком - для ідентифікації.';
+$PALANG['pTotp_stored'] = 'Ви успішно підтвердили свій новий секрет TOTP.';
+$PALANG['pTotp_exceptions_welcome'] = 'Додати адресу електронної пошти';
+$PALANG['pTotp_exceptions_user'] = 'Ім\'я користувача (або домен для адміністраторів)';
+$PALANG['pTotp_exceptions_add'] = 'Додати виключення';
+$PALANG['pTotp_exceptions_address'] = 'IP-додаток';
+$PALANG['pTotp_exceptions_description'] = 'Опис';
+$PALANG['pTotp_exceptions_list'] = 'За винятком';
+$PALANG['pTotp_exceptions_revoke'] = 'Редакція';
+$PALANG['pTotp_exceptions_revoked'] = 'Відкликання';
+$PALANG['pTotp_exception_result_success'] = 'Додатково';
+$PALANG['pTotp_exception_result_error'] = 'Не додавати виключення';
+$PALANG['pEdit_totp_exception_result_error'] = 'Неможливо змінити виключення TOTP';
+$PALANG['pException_ip_empty_error'] = 'IP не може бути порожнім';
+$PALANG['pException_desc_empty_error'] = 'Опис не може бути порожнім';
+$PALANG['pException_user_entire_domain_error'] = 'Тільки адміністратори можуть додати виключення для всього домену.';
+$PALANG['pException_user_global_error'] = 'Тільки суперадміністратори можуть додавати світові винятки';
+$PALANG['pUsersMain_app_passwords'] = 'Налаштування повторюваних паролів додатків з зниженими привілеїв';
+$PALANG['pApp_passwords_list'] = 'Розробка паролів додатків';
+$PALANG['pApp_password_revoked'] = 'Відкликання';
+$PALANG['pApp_passwords_welcome'] = 'Додати пароль';
+$PALANG['pAppPassAdd_result_success'] = 'Додано пароль заявки';
+$PALANG['pAppPassAdd_pass_empty_error'] = 'Пароль не може бути порожнім';
+$PALANG['pAppPassAdd_result_error'] = 'Не додавати пароль заявки';
+$PALANG['MFA_submit'] = 'Підтвердити логін';
+$PALANG['pViewlog_action_add_totp_exception'] = 'Додати виключення TOTP';
+$PALANG['pViewlog_action_delete_totp_exception'] = 'Виняток TOTP';
+$PALANG['pViewlog_action_add_app_password'] = 'Додати пароль';
+$PALANG['mailbox_postapppassword_failed'] = 'Скрипт поштових скриньок не вдалося, перевірте журнал помилки для деталей!';
+$PALANG['mailbox_post_totp_exception_delete_failed'] = 'Після видалення скрипта не вдалося, перевірте журнал помилки для деталей!';
+$PALANG['mailbox_post_totp_exception_add_failed'] = 'Виняток поштових скриньок додайте скрипт не вдалося, перевірте журнал помилки для деталей!';
+$PALANG['mailbox_post_TOTP_change_failed'] = 'Пост поштових скриньок не вдалося, перевірте журнал помилки для деталей!';
+
+$PALANG['TOTP_already_configured'] = 'Щоб змінити секрет?';
+
+$PALANG['pApp_passwords_add'] = 'Додавання пароля електронної пошти';
 
 $PALANG['please_keep_this_as_last_entry'] = ''; # needed for language-check.sh
 /* vim: set expandtab ft=php softtabstop=3 tabstop=3 shiftwidth=3: */

model/Login.php

@@ -198,4 +198,99 @@ class Login
 
         return true;
     }
+
+    /**
+     * @param string $username
+     * @param string $new_password
+     * @param string $old_password
+     *
+     * All passwords need to be plain text; they'll be hashed appropriately
+     * as per the configuration in config.inc.php
+     *
+     * @return boolean true on success; false on failure
+     * @throws \Exception if invalid user, or db update fails.
+     */
+    public function addAppPassword($username, $password, $app_desc, $app_pass): bool
+    {
+        list(/*NULL*/, $domain) = explode('@', $username);
+
+        if (!$app_pass) {
+            throw new \Exception(Config::Lang('pAppPassAdd_pass_empty_error'));
+        }
+        if (!$app_desc) {
+            throw new \Exception(Config::Lang('pException_desc_empty_error'));
+        }
+
+        if (!$this->login($username, $password)) {
+            throw new \Exception(Config::Lang('pPassword_password_current_text_error'));
+        }
+
+        $app_pass = pacrypt($app_pass);
+
+/* maybe we want this
+        if (Config::bool('password_expiration')) {
+            $domain = $this->getUserDomain($username);
+            if (!is_null($domain)) {
+                $password_expiration_value = (int)get_password_expiration_value($domain);
+                $set['password_expiry'] = date('Y-m-d H:i', strtotime("+$password_expiration_value day"));
+            }
+        }
+*/
+
+        // As PostgeSQL lacks REPLACE we first check and delete any previous rows matching this ip and user
+        $exists = db_query_all('SELECT id FROM mailbox_app_password WHERE username = :username AND description = :description',
+            ['username' => $username, 'description' => $app_desc,]);
+        if(isset($exists[0]))
+            foreach($exists as $x) db_delete('mailbox_app_password', 'id', $x['id']);
+        $result = db_insert('mailbox_app_password', ['username' => $username, 'description' => $app_desc, 'password_hash' => $app_pass ], Array());
+
+        if ($result != 1) {
+            db_log($domain, 'edit_password', "FAILURE: " . $username);
+            throw new \Exception(Config::lang('pAdd_app_password_result_error'));
+        }
+
+        db_log($domain, 'add_app_password', $username);
+
+        $cmd_pw = Config::read('mailbox_postapppassword_script');
+
+        if (empty($cmd_pw)) {
+            return true;
+        }
+
+        $warnmsg_pw = Config::Lang('mailbox_postapppassword_failed');
+
+        // If we have a mailbox_postpppassword_script
+
+        // Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
+        $spec = array(
+            0 => array("pipe", "r"), // stdin
+            1 => array("pipe", "w"), // stdout
+        );
+
+        $cmdarg1 = escapeshellarg($username);
+        $cmdarg2 = escapeshellarg($app_desc);
+
+        $command = "$cmd_pw $cmdarg1 $cmdarg2 2>&1";
+
+        $proc = proc_open($command, $spec, $pipes);
+
+        if (!$proc) {
+            throw new \Exception("can't proc_open $cmd_pw");
+        }
+
+        // Write passwords through pipe to command stdin -- provide old password, then new password.
+        fwrite($pipes[0], $app_pass . "\0", 1+strlen($app_pass));
+        $output = stream_get_contents($pipes[0]);
+        fclose($pipes[0]);
+
+        $retval = proc_close($proc);
+
+        if (0 != $retval) {
+            error_log("Running $command yielded return value=$retval, output was: " . json_encode($output));
+            throw new \Exception($warnmsg_pw);
+        }
+
+        return true;
+    }
+
 }

model/TotpPf.php

@@ -0,0 +1,429 @@
+<?php
+use OTPHP\TOTP;
+use Endroid\QrCode\Builder\Builder;
+use Endroid\QrCode\Encoding\Encoding;
+use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelHigh;
+use Endroid\QrCode\Label\Alignment\LabelAlignmentCenter;
+use Endroid\QrCode\Label\Font\NotoSans;
+use Endroid\QrCode\RoundBlockSizeMode\RoundBlockSizeModeMargin;
+use Endroid\QrCode\Writer\PngWriter;
+
+class TotpPf
+{
+    private string $key_table;
+    private string $table;
+    private Login $login;
+
+    public function __construct(string $tableName)
+    {
+        $ok = ['mailbox', 'admin'];
+
+        if (!in_array($tableName, $ok)) {
+            throw new \InvalidArgumentException("Unsupported tableName for TOTP: " . $tableName);
+        }
+        $this->table = $tableName;
+        $this->key_table = table_by_key($tableName);
+        $this->login = new Login($tableName);
+    }
+
+    /**
+     * @param string username to generate a code for
+     *
+     * @return Array
+     *      string TOTP_secret empty if NULL,
+     *      string &$qr_code for returning base64-encoded qr-code
+     *
+     * @throws \Exception if invalid user, or db update fails.
+     */
+    public function generate(string $username): array
+    {
+        $totp = TOTP::create();
+        $totp->setLabel($username);
+        $totp->setIssuer('Postfix Admin');
+        if(Config::read('logo_url'))
+            $totp->setParameter('image', Config::read('logo_url'));
+        $QR_content = $totp->getProvisioningUri();
+        $pTOTP_secret = $totp->getSecret();
+        unset($totp);
+        $QRresult = Builder::create()
+            ->writer(new PngWriter())
+            ->writerOptions([])
+            ->data($QR_content)
+            ->encoding(new Encoding('UTF-8'))
+            ->errorCorrectionLevel(new ErrorCorrectionLevelHigh())
+            ->size(300)
+            ->margin(10)
+            ->roundBlockSizeMode(new RoundBlockSizeModeMargin())
+            ->validateResult(false)
+            ->build();
+        $qr_code = base64_encode($QRresult->getString());
+        return Array($pTOTP_secret, $qr_code);
+    }
+
+    /**
+     * @param string $username
+     *
+     * @return boolean
+     */
+    public function usesTOTP($username): bool
+    {
+        if(!(Config::read('totp') == 'YES'))
+            return false;
+
+        $sql = "SELECT totp_secret FROM {$this->table} WHERE username = :username AND active = :active";
+
+        $active = db_get_boolean(true);
+
+        $values = [
+            'username' => $username,
+            'active' => $active,
+        ];
+
+        $result = db_query_one($sql, $values);
+        if (is_array($result) && isset($result['totp_secret']) && $result['totp_secret'] != '')
+            return true;
+        return false;
+    }
+
+    /**
+     * @param string $username
+     * @param string $code
+     *
+     * @return boolean
+     */
+    public function checkUserTOTP($username, $code): bool
+    {
+        $sql = "SELECT totp_secret FROM {$this->table} WHERE username = :username AND active = :active";
+
+        $active = db_get_boolean(true);
+
+        $values = [
+            'username' => $username,
+            'active' => $active,
+        ];
+
+        $result = db_query_one($sql, $values);
+        if (!is_array($result) || !isset($result['totp_secret'])) 
+            return false;
+
+        return $this->checkTOTP($result['totp_secret'], $username, $code);
+    }
+
+    /**
+     * @param string $secret
+     * @param string $username
+     * @param string $code
+     *
+     * @return boolean
+     */
+    public function checkTOTP($secret, $username, $code): bool
+    {
+        $totp = TOTP::create($secret);
+
+        if ( $totp->now() == $code )
+            return true;
+        else
+            return false;
+    }
+
+    /**
+     * @param string $username
+     * @param string $password
+     *
+     * @return string TOTP_secret, empty if NULL
+     * @throws \Exception if invalid user, or db update fails.
+     */
+    public function getTOTP_secret($username, $password): string
+    {
+        if (!$this->login->login($username, $password)) {
+            throw new \Exception(Config::Lang('pPassword_password_current_text_error'));
+        }
+
+        $sql = "SELECT totp_secret FROM {$this->table} WHERE username = :username AND active = :active";
+
+        $active = db_get_boolean(true);
+
+        $values = [
+            'username' => $username,
+            'active' => $active,
+        ];
+
+        $result = db_query_one($sql, $values);
+        if (is_array($result) && isset($result['totp_secret'])) {
+            return $result['totp_secret'];
+        } else {
+            return '';
+        }
+
+    }
+
+    /**
+     * @param string $username
+     * @param string $TOTP_secret
+     * @param string $password
+     *
+     * @return boolean true on success; false on failure
+     * @throws \Exception if invalid user, or db update fails.
+     */
+    public function changeTOTP_secret($username, $TOTP_secret, $password): bool
+    {
+        list(/*NULL*/, $domain) = explode('@', $username);
+
+        if (!$this->login->login($username, $password)) {
+            throw new \Exception(Config::Lang('pPassword_password_current_text_error'));
+        }
+
+        $set = array(
+                'totp_secret' => $TOTP_secret,
+                );
+
+        $result = db_update($this->table, 'username', $username, $set);
+
+        if ($result != 1) {
+            db_log($domain, 'edit_password', "FAILURE: " . $username);
+            throw new \Exception(Config::lang('pEdit_mailbox_result_error'));
+        }
+
+
+        $cmd_pw = Config::read('mailbox_post_TOTP_change_secret_script');
+
+        if (empty($cmd_pw)) {
+            return true;
+        }
+
+        $warnmsg_pw = Config::Lang('mailbox_post_TOTP_change_failed');
+
+        // If we have a mailbox_postpassword_script (dovecot only?)
+
+        // Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
+        $spec = array(
+                0 => array("pipe", "r"), // stdin
+                1 => array("pipe", "w"), // stdout
+                );
+
+        $cmdarg1 = escapeshellarg($username);
+        $cmdarg2 = escapeshellarg($domain);
+        $command = "$cmd_pw $cmdarg1 $cmdarg2 2>&1";
+
+        $proc = proc_open($command, $spec, $pipes);
+
+        if (!$proc) {
+            throw new \Exception("can't proc_open $cmd_pw");
+        }
+
+        // Write secret through pipe to command stdin.
+        fwrite($pipes[0], $TOTP_secret . "\0", 1+strlen($TOTP_secret));
+        $output = stream_get_contents($pipes[1]);
+        fclose($pipes[0]);
+        fclose($pipes[1]);
+
+        $retval = proc_close($proc);
+
+        if (0 != $retval) {
+            error_log("Running $command yielded return value=$retval, output was: " . json_encode($output));
+            throw new \Exception($warnmsg_pw);
+        }
+
+        return true;
+    }
+
+    /**
+     * @param string $username
+     * @param string $password
+     * @param string $Exception_ip
+     * @param string $Exception_user
+     * @param string $Exception_desc
+     *
+     * @return boolean true on success; false on failure
+     * @throws \Exception if invalid user, or db update fails.
+     */
+    public function addException(string $username, string $password, string $Exception_ip, string $Exception_user, string $Exception_desc): bool
+    {
+        $error = 0;
+
+        list($local_part, $domain) = explode('@', $username);
+
+        if (!$this->login->login($username, $password)) 
+            throw new \Exception(Config::Lang('pPassword_password_current_text_error'));
+
+        if (authentication_has_role('admin'))
+            $admin = 1;
+        elseif (authentication_has_role('global-admin'))
+            $admin = 2;
+        else
+            $admin = 0;
+
+        if (empty($Exception_ip)) {
+            $error += 1;
+            flash_error(Config::Lang('pException_ip_empty_error'));
+        }
+
+        if (empty($Exception_desc)) {
+            $error += 1;
+            flash_error(Config::Lang('pException_desc_empty_error'));
+        }
+
+        if ( !$admin && strpos($Exception_user,'@') == false ) {
+            $error += 1;
+            flash_error(Config::Lang('pException_user_entire_domain_error'));
+        }
+
+        if ( !($admin==2) && $Exception_user == NULL ) {
+            $error += 1;
+            flash_error(Config::Lang('pException_user_global_error'));
+        }
+
+
+        $values    = Array('ip' => $Exception_ip, 'username' => $Exception_user, 'description' => $Exception_desc);
+
+        if(!$error){
+            // OK to insert/replace.
+            // As PostgeSQL lacks REPLACE we first check and delete any previous rows matching this ip and user
+            $exists = db_query_all('SELECT id FROM totp_exception_address WHERE ip = :ip AND username = :username', 
+                    ['ip' => $Exception_ip, 'username' => $Exception_user]);
+            if(isset($exists[0]))
+                foreach($exists as $x) db_delete('totp_exception_address', 'id', $x['id']);
+            $result = db_insert('totp_exception_address', $values, Array());
+        }
+
+        if ($result != 1) {
+            db_log($domain, 'add_totp_exception', "FAILURE: " . $username);
+            throw new \Exception(Config::lang('pEdit_totp_exception_result_error'));
+        }
+
+
+        $cmd_pw = Config::read('mailbox_post_totp_exception_add_script');
+        if (empty($cmd_pw)) {
+            return true;
+        }
+        $warnmsg_pw = Config::Lang('mailbox_post_totp_exception_add_failed');
+        // If we have a mailbox_postpassword_script (dovecot only?)
+        // Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
+        $spec = array(
+                0 => array("pipe", "r"), // stdin
+                1 => array("pipe", "w"), // stdout
+                );
+        $cmdarg1 = escapeshellarg($username);
+        $cmdarg2 = escapeshellarg($Exception_ip);
+        $command = "$cmd_pw $cmdarg1 $cmdarg2 2>&1";
+        $proc = proc_open($command, $spec, $pipes);
+        if (!$proc) {
+            throw new \Exception("can't proc_open $cmd_pw");
+        }
+        fclose($pipes[0]);
+        fclose($pipes[1]);
+        $retval = proc_close($proc);
+        if (0 != $retval) {
+            error_log("Running $command yielded return value=$retval, output was: " . json_encode($retval));
+            throw new \Exception($warnmsg_pw);
+        }
+
+        return true;
+    }
+
+    /**
+     * @param string $username
+     * @param int $Exception_id
+     *
+     * @return boolean true on success; false on failure
+     * @throws \Exception if invalid user, or db update fails.
+     */
+    public function deleteException($username, $Exception_id): bool
+    {
+        $exception = $this->getException($Exception_id);
+        $error = 0;
+
+        if(strpos($exception['username'],'@'))
+            list($Exception_local_part, $Exception_domain) = explode('@', $exception['username']);
+        else
+            $Exception_domain = $exception['username'];
+
+        if (authentication_has_role('global-admin'))
+            $admin = 2;
+        elseif (authentication_has_role('admin'))
+            $admin = 1;
+        else
+            $admin = 0;
+
+
+        if ( !$admin && strpos($exception['username'],'@') !== false ) {
+            $error += 1;
+            throw new \Exception(Config::Lang('pException_user_entire_domain_error'));
+        }
+
+        if ( !($admin==2) && $exception['username'] == NULL ) {
+            $error += 1;
+            throw new \Exception(Config::Lang('pException_user_global_error'));
+        }
+
+        $result = db_delete('totp_exception_address', 'id', $exception['id']);
+
+        if ($result != 1) {
+            db_log($Exception_domain, 'pViewlog_action_delete_totp_exception', "FAILURE: " . $username);
+            throw new \Exception(Config::lang('pEdit_totp_exception_result_error'));
+        }
+
+
+        $cmd_pw = Config::read('mailbox_post_totp_exception_delete_script');
+        if (empty($cmd_pw)) {
+            return true;
+        }
+        $warnmsg_pw = Config::Lang('mailbox_post_totp_exception_delete_failed');
+        // If we have a mailbox_postpassword_script (dovecot only?)
+        // Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
+        $spec = array(
+                0 => array("pipe", "r"), // stdin
+                1 => array("pipe", "w"), // stdout
+                );
+        $cmdarg1 = escapeshellarg($username);
+        $cmdarg2 = escapeshellarg($exception['ip']);
+        $command = "$cmd_pw $cmdarg1 $cmdarg2 2>&1";
+        $proc = proc_open($command, $spec, $pipes);
+        if (!$proc) {
+            throw new \Exception("can't proc_open $cmd_pw");
+        }
+        // Write secret through pipe to command stdin.
+        $output = stream_get_contents($pipes[1]);
+        fclose($pipes[0]);
+        fclose($pipes[1]);
+        $retval = proc_close($proc);
+        if (0 != $retval) {
+            error_log("Running $command yielded return value=$retval, output was: " . json_encode($output));
+            throw new \Exception($warnmsg_pw);
+        }
+
+        return true;
+    }
+
+    /**
+     * @return array of all exceptions 
+     */
+    public function getAllExceptions(): array
+    {
+        return db_query_all("SELECT * FROM totp_exception_address");
+    }
+
+    /**
+     * @param string $username
+     *
+     * @return array of exceptions acting on this username
+     */
+    public function getExceptionsFor($username): array
+    {
+        list($local_part, $domain) = explode('@', $username);
+        return db_query_all("SELECT * FROM totp_exception_address WHERE username = :username OR username = :domain OR username IS NULL",['username' => $username, 'domain' => $domain]);
+    }
+
+    /**
+     * @param int $id
+     *
+     * @return array the exception with this id
+     */
+    public function getException(int $id): array
+    {
+        return db_query_one("SELECT * FROM totp_exception_address WHERE id=$id");
+    }
+
+
+}
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

psalm.xml

@@ -14,6 +14,7 @@
             <directory name="tests" />
             <directory name="templates_c" />
             <directory name="ADDITIONS/" />
+            <directory name="scripts/examples" />
         </ignoreFiles>
     </projectFiles>
 

public/app-passwords.php

@@ -0,0 +1 @@
+users/app-passwords.php

public/login-mfa.php

@@ -0,0 +1,87 @@
+<?php
+/**
+ * Postfix Admin
+ *
+ * LICENSE
+ * This source file is subject to the GPL license that is bundled with
+ * this package in the file LICENSE.TXT.
+ *
+ * Further details on the project are available at http://postfixadmin.sf.net
+ *
+ * @version $Id$
+ * @license GNU GPL v2 or later.
+ *
+ * File: login-totp.php
+ * Authenticates a user, and populates their $_SESSION as appropriate.
+ * Template File: login.tpl
+ *
+ * Template Variables:
+ *
+ *  none
+ *
+ * Form POST \ GET Variables:
+ *
+ *  fUsername
+ *  fPassword
+ *  token
+ *  lang
+ */
+
+require_once('common.php');
+
+$CONF = Config::getInstance()->getAll();
+$smarty = PFASmarty::getInstance();
+$error = '';
+
+if (authentication_has_role("admin")) {
+    header("Location: main.php");
+    exit(0);
+}
+
+if (isset($_GET["abort"]) && $_GET["abort"] == "1" && authentication_mfa_incomplete()){
+    session_unset();
+    session_destroy();
+    session_start();
+    header("Location: login.php");
+    exit(0);
+}
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+    if (!isset($_SESSION['PFA_token'])) {
+        die("Invalid token (session timeout; refresh the page and try again?)");
+    }
+
+    if (safepost('token') != $_SESSION['PFA_token']) {
+        die('Invalid token! (CSRF check failed)');
+    }
+
+    $totppf = new TotpPf('admin');
+    $fTotp = safepost('fTOTP_code');
+    $h = new AdminHandler();
+
+    if (authentication_mfa_incomplete() && $totppf->checkUserTOTP(authentication_get_username(), $fTotp)) {
+        init_session(authentication_get_username(), true, true);
+
+        // get superadmin status and store in session
+        $h->init(authentication_get_username());
+        if ($h->result()['superadmin'] == 1) {
+            $_SESSION['sessid']['roles'][] = 'global-admin';
+        }
+        header("Location: main.php");
+        exit(0);
+    } else {
+        error_log("PostfixAdmin admin second factor login failed (username: " . authentication_get_username() . ", ip_address: {$_SERVER['REMOTE_ADDR']})");
+        $error = $PALANG['pTotp_failed'];
+        flash_error($PALANG['pTotp_failed']);
+    }
+}
+
+$_SESSION['PFA_token'] = md5(uniqid("pfa" . rand(), true));
+
+$smarty->assign('pTOPT_code_text', $error);
+$smarty->assign('smarty_template', 'login-mfa');
+$smarty->assign('language_selector', language_selector(), false);
+$smarty->assign('forgotten_password_reset', Config::bool('forgotten_admin_password_reset'));
+$smarty->display('index.tpl');
+
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

public/login.php

@@ -39,6 +39,11 @@ if ($CONF['configured'] !== true) {
 
 check_db_version(); # check if the database layout is up to date (and error out if not)
 
+if (authentication_mfa_incomplete()) {
+    header("Location: login-mfa.php");
+    exit;
+}
+
 if ($_SERVER['REQUEST_METHOD'] == "POST") {
     if (!isset($_SESSION['PFA_token'])) {
         die("Invalid token (session timeout; refresh the page and try again?)");
@@ -48,6 +53,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
         die('Invalid token! (CSRF check failed)');
     }
 
+    $totppf = new TotpPf('admin');
+
     $lang = safepost('lang');
     $fUsername = trim(safepost('fUsername'));
     $fPassword = safepost('fPassword');
@@ -79,6 +86,12 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
             $_SESSION['sessid']['roles'][] = 'global-admin';
         }
 
+        if ($totppf->usesTOTP($fUsername)) {
+            init_session($fUsername, true, false);
+            header("Location: login-mfa.php");
+            exit(0);
+        }
+        init_session($fUsername, true, true);
         header("Location: main.php");
         exit(0);
     } else { # $h->login failed

public/totp-exceptions.php

@@ -0,0 +1 @@
+users/totp-exceptions.php

public/totp.php

@@ -0,0 +1 @@
+users/totp.php

public/upgrade.php

@@ -2260,3 +2260,68 @@ function upgrade_1848_sqlite()
             ON DELETE CASCADE) {COLLATE};
     ");
 }
+
+/**
+ * Add TOTP fields
+ * @return void
+ */
+function upgrade_1849_mysql()
+{
+    _db_add_field('mailbox', 'totp_secret', "VARCHAR(255) {UTF-8}  DEFAULT NULL", 'password_expiry');
+    _db_add_field('admin',   'totp_secret', "VARCHAR(255) {UTF-8}  DEFAULT NULL", 'vacation_notification');
+
+    $totp_exception_table = table_by_key('totp_exception_address');
+    db_query_parsed("
+        CREATE TABLE {IF_NOT_EXISTS} $totp_exception_table (
+            `id` {AUTOINCREMENT} {PRIMARY},
+            `ip` varchar(46) NOT NULL,
+            `username` varchar(255) DEFAULT NULL,
+            `description` varchar(255) DEFAULT NULL,
+            UNIQUE KEY ip_user (`ip`,`username`)
+        )
+    ");
+
+    $app_password_table = 'mailbox_app_password';
+    db_query_parsed("
+        CREATE TABLE {IF_NOT_EXISTS} $app_password_table (
+            `id` {AUTOINCREMENT} {PRIMARY},
+            `username` varchar(255) DEFAULT NULL,
+            `description` varchar(255) DEFAULT NULL,
+            `password_hash` varchar(255) DEFAULT NULL
+        )
+    ");
+}
+/**
+ * Add TOTP fields
+ * @return void
+ */
+function upgrade_1849_pgsql()
+{
+    _db_add_field('mailbox', 'totp_secret', "VARCHAR(255) {UTF-8}  DEFAULT NULL", 'password_expiry');
+    _db_add_field('admin',   'totp_secret', "VARCHAR(255) {UTF-8}  DEFAULT NULL", 'vacation_notification');
+
+    if (!_pgsql_object_exists('totp_exception_address')) {
+        db_query_parsed("
+            CREATE TABLE {IF_NOT_EXISTS} totp_exception_address (
+                id {AUTOINCREMENT} {PRIMARY},
+                ip varchar(46) NOT NULL,
+                username varchar(255) DEFAULT NULL,
+                description varchar(255) DEFAULT NULL
+            );
+        ");
+        db_query_parsed("
+            CREATE UNIQUE INDEX ip_user ON totp_exception_address (ip,username)
+        ");
+    }
+    if (!_pgsql_object_exists('mailbox_app_password')) {
+        db_query_parsed("
+            CREATE TABLE {IF_NOT_EXISTS} mailbox_app_password(
+                id {AUTOINCREMENT} {PRIMARY},
+                username varchar(255) DEFAULT NULL,
+                description varchar(255) DEFAULT NULL,
+                password_hash varchar(255) DEFAULT NULL
+            )
+        ");
+    }
+}
+

public/users/app-passwords.php

@@ -0,0 +1,126 @@
+<?php
+/**
+ * Postfix Admin
+ *
+ * LICENSE
+ * This source file is subject to the GPL license that is bundled with
+ * this package in the file LICENSE.TXT.
+ *
+ * Further details on the project are available at http://postfixadmin.sf.net
+ *
+ * @version $Id$
+ * @license GNU GPL v2 or later.
+ *
+ * File: app-passwords.php
+ * Used by users to view and change their app passwords.
+ * Template File: app-passwords.tpl
+ *
+ *
+ * Form POST \ GET Variables:
+ *
+ * fPassword_current
+ * fAppDesc
+ * fAppPass
+ * fAppId
+ * 
+ */
+
+require_once('../common.php');
+
+$smarty = PFASmarty::getInstance();
+$smarty->configureTheme('../');
+
+$username          = authentication_get_username();
+$pPassword_text    = "";
+$pUser_text        = '';
+$pUser             = '';
+
+if (authentication_has_role('global-admin')){
+    $login = new Login('admin');
+    $admin = 2;
+}elseif (authentication_has_role('admin')){
+    $login = new Login('admin');
+    $admin = 1;
+}else{
+    $login = new Login('mailbox');
+    $admin = 0;
+}
+
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+    if (safepost('token') != $_SESSION['PFA_token']) {
+        die('Invalid token!');
+    }
+
+    if (isset($_POST['fCancel'])) {
+        header("Location: main.php");
+        exit(0);
+    }
+
+    if(isset($_POST['fAppPass'])){
+        $fPass      = $_POST['fPassword_current'];
+        $fAppDesc   = $_POST['fAppDesc'];
+        $fAppPass   = $_POST['fAppPass'];
+        addAppPassword($username, $fPass, $fAppPass, $fAppDesc, $admin, $login, $PALANG);
+    }
+    if(isset($_POST['fAppId'])){
+        $fAppId     = $_POST['fAppId'];
+        revokeAppPassword($username, $fAppId, $login, $PALANG);
+    }
+    
+}
+
+if($admin==2)$passwords    = getAllAppPasswords();
+else $passwords            = getAppPasswordsFor($username);
+
+foreach($passwords as $n => $pass){
+    if($pass['username'] == $username)
+        $passwords[$n]['edit'] = 1;
+    if($admin == 2)
+        $passwords[$n]['edit'] = 1;
+}
+
+
+
+
+$smarty->assign('SESSID_USERNAME', $username);
+$smarty->assign('pPassword_text', $pPassword_text, false);
+$smarty->assign('pUser_text', $pUser_text, false);
+$smarty->assign('pUser', $pUser, false);
+$smarty->assign('pPasswords', $passwords, false);
+$smarty->assign('smarty_template', 'app-passwords');
+$smarty->display('index.tpl');
+
+
+
+function addAppPassword($username, $fPass, $fAppPass, $fAppDesc, $admin, $login, $PALANG){
+    try {
+        if ($login->addAppPassword($username, $fPass, $fAppDesc, $fAppPass)) {
+            flash_info($PALANG['pAppPassAdd_result_success']);
+            header("Location: app-passwords.php");
+            exit(0);
+        } else {
+            flash_error(Config::Lang_f('pAppPassAdd_result_error', $username));
+        }
+    } catch (\Exception $e) {
+        flash_error($e->getMessage());
+    }
+}
+
+function revokeAppPassword($username, $fAppId, $login, $PALANG){
+    // No extra password check by design, user might be in a hurry
+    $result = db_delete('mailbox_app_password', 'id', $fAppId);
+    if($result == 1)flash_info($PALANG['pTotp_exceptions_revoked']);
+    else flash_error($PALANG['pPassword_result_error']);
+}
+
+function getAllAppPasswords(){
+    return db_query_all("SELECT * FROM mailbox_app_password");
+}
+
+function getAppPasswordsFor($username){
+    return db_query_all("SELECT * FROM mailbox_app_password WHERE username = :username", ['username' => $username]);
+}
+
+
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

public/users/login-mfa.php

@@ -0,0 +1,80 @@
+<?php
+/**
+ * Postfix Admin
+ *
+ * LICENSE
+ * This source file is subject to the GPL license that is bundled with
+ * this package in the file LICENSE.TXT.
+ *
+ * Further details on the project are available at http://postfixadmin.sf.net
+ *
+ * @version $Id$
+ * @license GNU GPL v2 or later.
+ *
+ * File: login-totp.php
+ * Authenticates a user, and populates their $_SESSION as appropriate.
+ * Template File: login.tpl
+ *
+ * Template Variables:
+ *
+ *  none
+ *
+ * Form POST \ GET Variables:
+ *
+ *  fUsername
+ *  fPassword
+ *  token
+ *  lang
+ */
+
+$rel_path = '../';
+require_once('../common.php');
+
+if (authentication_has_role("user")) {
+    header("Location: main.php");
+    exit(0);
+}
+
+if ($_GET["abort"] == "1" && authentication_mfa_incomplete()){
+    session_unset();
+    session_destroy();
+    session_start();
+    header("Location: login.php");
+    exit(0);
+}
+
+$CONF = Config::getInstance()->getAll();
+$smarty = PFASmarty::getInstance();
+$smarty->configureTheme('../');
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+    if (!isset($_SESSION['PFA_token'])) {
+        die("Invalid token (session timeout; refresh the page and try again?)");
+    }
+
+    if (safepost('token') != $_SESSION['PFA_token']) {
+        die('Invalid token! (CSRF check failed)');
+    }
+
+    $totppf = new TotpPf('mailbox');
+    $fTotp = safepost('fTOTP_code');
+
+    if (authentication_mfa_incomplete() && $totppf->checkUserTOTP(authentication_get_username(), $fTotp)) {
+        init_session(authentication_get_username(), false, true);
+        header("Location: main.php");
+        exit(0);
+    } else { # $h->login failed
+        error_log("PostfixAdmin admin second factor login failed (username: " . authentication_get_username() . ", ip_address: {$_SERVER['REMOTE_ADDR']})");
+        flash_error($PALANG['pTotp_failed']);
+    }
+}
+
+$_SESSION['PFA_token'] = md5(uniqid("pfa" . rand(), true));
+
+$smarty->assign('logintype', 'user');
+$smarty->assign('smarty_template', 'login-mfa');
+$smarty->assign('language_selector', language_selector(), false);
+$smarty->assign('forgotten_password_reset', Config::bool('forgotten_admin_password_reset'));
+$smarty->display('index.tpl');
+
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

public/users/login.php

@@ -37,15 +37,23 @@ check_db_version(); # check if the database layout is up to date (and error out
 
 $error = null;
 
+if (authentication_mfa_incomplete()) {
+    header("Location: login-mfa.php");
+    exit;
+}
+
 if ($_SERVER['REQUEST_METHOD'] == "POST") {
     if (safepost('token') != $_SESSION['PFA_token']) {
         die('Invalid token!');
     }
 
+    $totppf = new TotpPf('mailbox');
+
     $lang = safepost('lang');
     $fUsername = trim(safepost('fUsername'));
     $fPassword = safepost('fPassword');
 
+
     if ($lang != check_language(false)) { # only set cookie if language selection was changed
         setcookie('lang', $lang, time() + 60 * 60 * 24 * 30); # language cookie, lifetime 30 days
         # (language preference cookie is processed even if username and/or password are invalid)
@@ -53,7 +61,12 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
 
     $login = new Login('mailbox');
     if ($login->login($fUsername, $fPassword)) {
-        init_session($fUsername, false);
+        if ($totppf->usesTOTP($fUsername)) {
+            init_session($fUsername, false, false);
+            header("Location: login-mfa.php");
+            exit;
+        }
+        init_session($fUsername, false, true);
         header("Location: main.php");
         exit;
     } else {

public/users/totp-exceptions.php

@@ -0,0 +1,132 @@
+<?php
+/**
+ * Postfix Admin
+ *
+ * LICENSE
+ * This source file is subject to the GPL license that is bundled with
+ * this package in the file LICENSE.TXT.
+ *
+ * Further details on the project are available at http://postfixadmin.sf.net
+ *
+ * @version $Id$
+ * @license GNU GPL v2 or later.
+ *
+ * File: totp-exceptions.php
+ * Used by users to view and change their totp exception addresses.
+ * Template File: totp-exception.tpl
+ *
+ *
+ * Form POST \ GET Variables:
+ *
+ * fPassword_current
+ * fIp
+ * fDesc
+ * fUser
+ * fId
+ * 
+ */
+
+require_once('common.php');
+
+$smarty = PFASmarty::getInstance();
+$smarty->configureTheme('../');
+
+$username                   = authentication_get_username();
+list($local_part, $domain)  = explode('@', $username);
+$pPassword_text             = "";
+$pUser_text                 = '';
+$pUser                      = '';
+
+$username   = authentication_get_username();
+
+if (authentication_has_role('global-admin')){
+    $login = new Login('admin');
+    $totppf = new TotpPf('admin');
+    $admin = 2;
+}elseif (authentication_has_role('admin')){
+    $login = new Login('admin');
+    $totppf = new TotpPf('admin');
+    $admin = 1;
+}else{
+    $login = new Login('mailbox');
+    $totppf = new TotpPf('mailbox');
+    $admin = 0;
+}
+
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+    if (safepost('token') != $_SESSION['PFA_token']) {
+        die('Invalid token!');
+    }
+
+    if (isset($_POST['fCancel'])) {
+        header("Location: main.php");
+        exit(0);
+    }
+    
+    if(isset($_POST['fPassword_current']) && $_POST['fPassword_current'] != ''){
+        $fPass      = $_POST['fPassword_current'];
+        $fIp        = $_POST['fIp'];
+        $fDesc      = $_POST['fDesc'];
+        $fUser      = $_POST['fUser'];
+        add_exception($username, $fPass, $fIp, $fDesc, $fUser, $admin, $totppf, $PALANG);
+    }
+    if(isset($_POST['fId']) && $_POST['fId'] != ''){
+        $fId        = $_POST['fId'];
+        revoke_exception($username, $fId, $totppf, $PALANG);
+    }
+}
+
+
+// Generate list of existing exceptions
+
+if($admin==2)$exceptions    = $totppf->getAllExceptions();
+else $exceptions            = $totppf->getExceptionsFor($username);
+
+// User can revoke exceptions for own username
+// Admins can revoke exceptions for own domain
+// Global-admin can revoke all exceptions
+foreach($exceptions as $n => $ex){
+    if($ex['username'] == $username)
+        $exceptions[$n]['edit'] = 1;
+    if($admin == 2)
+        $exceptions[$n]['edit'] = 1;
+    if($admin==1 && $ex['username'] == $domain)
+        $exceptions[$n]['edit'] = 1;
+}
+
+
+
+$smarty->assign('SESSID_USERNAME', $username);
+$smarty->assign('pPassword_text', $pPassword_text, false);
+$smarty->assign('pUser_text', $pUser_text, false);
+$smarty->assign('pUser', $pUser, false);
+#$smarty->assign('', $, false);
+$smarty->assign('pExceptions', $exceptions, false);
+$smarty->assign('smarty_template', 'totp-exceptions');
+$smarty->display('index.tpl');
+
+
+
+function add_exception($username, $fPassword_current, $fException_ip, $fException_desc, $fException_user, $admin, $totppf, $PALANG){
+    try {
+        if ($totppf->addException($username, $fPassword_current, $fException_ip, $fException_user, $fException_desc)) {
+            flash_info($PALANG['pTotp_exception_result_success']);
+            header("Location: totp-exceptions.php");
+            exit(0);
+        } else {
+            flash_error($PALANG['pTotp_exception_result_error']);
+        }
+    } catch (\Exception $e) {
+        flash_error($e->getMessage());
+    }
+}
+
+function revoke_exception($username, $id, $totppf, $PALANG){
+    // No extra password check by design, user might be in a hurry
+    $result = $totppf->deleteException($username, $id);
+    if($result)flash_info($PALANG['pTotp_exceptions_revoked']);
+}
+
+
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

public/users/totp.php

@@ -0,0 +1,118 @@
+<?php
+
+/**
+ * Postfix Admin
+ *
+ * LICENSE
+ * This source file is subject to the GPL license that is bundled with
+ * this package in the file LICENSE.TXT.
+ *
+ * Further details on the project are available at http://postfixadmin.sf.net
+ *
+ * @version $Id$
+ * @license GNU GPL v2 or later.
+ *
+ * File: totp.php
+ * Used by users to change their mailbox (and login) totp.
+ * Template File: totp.tpl
+ *
+ *
+ * Form POST \ GET Variables:
+ *
+ * fPassword_current
+ * fTOTP_code
+ * fTOTP_secret
+ */
+
+require_once('../common.php');
+
+$smarty = PFASmarty::getInstance();
+$smarty->configureTheme('../');
+
+$username                                    = authentication_get_username();
+$pPassword_password_current_text             = "";
+$pTOTP_code_text                             = "";
+$pTOTP_secret_text                           = "";
+$pTOTP_now                                   = "";
+$pPassword_password_text                     = "";
+$pQR_raw               	                     = "";
+
+if (authentication_has_role('admin')){
+    $totppf = new TotpPf('admin');
+    $login  = new Login('admin');
+    $admin = true;
+}else{
+    $totppf = new TotpPf('mailbox');
+    $login  = new Login('mailbox');
+    $admin = false;
+}
+
+
+// Create new OTP-object 
+// Generate random secret and resulting QR code
+list($pTOTP_secret, $pQR_raw) = $totppf->generate($username);
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+    if (safepost('token') != $_SESSION['PFA_token']) {
+        die('Invalid token!');
+    }
+
+    if (isset($_POST['fCancel'])) {
+        header("Location: main.php");
+        exit(0);
+    }
+
+    $fPassword_current  = $_POST['fPassword_current'];
+    $fTOTP_secret       = $_POST['fTOTP_secret'];
+    $fTOTP_code         = $_POST['fTOTP_code'];
+    $secreterror        = 0;
+
+    if (!$login->login($username, $fPassword_current)) {
+        $secreterror += 1;
+        $pPassword_password_current_text = $PALANG['pPassword_password_current_text_error'];
+    }
+
+    // Does entered code from 2FA-app match the secret
+    if($fTOTP_code == '') {
+        $code_checks_out    = true;
+        $fTOTP_secret       = NULL;
+    }
+    else
+        $code_checks_out = $totppf->checkTOTP($fTOTP_secret,  $username, $fTOTP_code);
+
+    // Check that user has successfully generated a TOTP with external device
+    if (!$code_checks_out){
+        $secreterror += 1;
+        flash_error($PALANG['pTOTP_code_mismatch']);
+    }
+
+    // If TOTP checks out -> store secret in DB
+    if ($secreterror == 0) {
+        try {
+            if($totppf->changeTOTP_secret($username, $fTOTP_secret, $fPassword_current)){
+                flash_info($PALANG['pTotp_stored']);
+            } else {
+                flash_error(Config::Lang_f('pTOTP_secret_result_error', $username));
+            }
+        } catch (\Exception $e) {
+            flash_error($e->getMessage());
+        }
+    }
+   
+}
+
+if( $totppf->usesTOTP($username))   $smarty->assign('show_form', 'hidden');
+else                                $smarty->assign('show_form', 'visible');
+$smarty->assign('SESSID_USERNAME', $username);
+$smarty->assign('admin', $admin);
+$smarty->assign('pPassword_password_current_text', $pPassword_password_current_text, false);
+$smarty->assign('pTOTP_code_text', $pTOTP_code_text, false);
+$smarty->assign('pTOTP_secret_text', $pTOTP_secret_text, false);
+$smarty->assign('pPassword_password_text', $pPassword_password_text, false);
+$smarty->assign('pQR_raw', $pQR_raw, false);
+$smarty->assign('pTOTP_secret', $pTOTP_secret, false);
+$smarty->assign('pTOTP_now', $pTOTP_now, false);
+$smarty->assign('smarty_template', 'totp');
+$smarty->display('index.tpl');
+
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

scripts/examples/sync-roundcubemail-totp.php

@@ -0,0 +1,33 @@
+#!/bin/env php
+<?php
+// Get positional arguments
+$USERNAME=$argv[1];
+$DOMAIN=$argv[2];
+
+// Get TOTP shared secret from stdin
+$SHARED_SECRET = trim(fgets(STDIN));
+
+// Include database configuration
+include_once "/etc/postfixadmin/rcm-totp-sync.php";
+
+// connect to Roundcubemail database and update user preferences with TOTP secret
+mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
+$mysqli = new mysqli($CONFIG["host"], $CONFIG["user"], $CONFIG["password"], $CONFIG["database"]);
+
+$stmt = $mysqli->prepare("SELECT preferences FROM users WHERE username=?");
+$stmt->bind_param("s", $USERNAME);
+$stmt->execute();
+$result = $stmt->get_result();
+
+if ($result->num_rows == 1) {
+  echo "Updating TOTP secret for $USERNAME\n";
+  $row = $result->fetch_assoc();
+  $preferences = unserialize($row['preferences']);
+  $preferences['twofactor_gauthenticator']['secret'] = $SHARED_SECRET;
+  $stmt_update = $mysqli->prepare("UPDATE users SET preferences=?");
+  $stmt_update->bind_param("s", serialize($preferences));
+  $stmt_update->execute();
+} else {
+  echo "Could not find user $USERNAME in Roundcubemail.\n";
+}
+$mysqli->close();

templates/app-passwords.tpl

@@ -0,0 +1,106 @@
+<form name="password" method="post" action="" class="form-horizontal">
+    <div id="edit_form" class="panel panel-default">
+        <div class="panel-heading"><h4>{$PALANG.pApp_passwords_welcome}</h4></div>
+        <div class="panel-body enable-asterisk">
+            <input class="flat" type="hidden" name="token" value="{$smarty.session.PFA_token|escape:"url"}"/>
+            <div class="form-group {if $pPassword_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label"
+                       for="fPassword_current">{$PALANG.pPassword_password_current}:</label>
+                <div class="col-md-6 col-sm-8">
+                    <input class="form-control" type="password" name="fPassword_current" id="fPassword_current"/>
+                </div>
+                <span class="help-block">{$pPassword_text}</span>
+            </div>
+            <div class="form-group">
+                <label class="col-md-4 col-sm-4 control-label" for="fAppDesc">{$PALANG.pTotp_exceptions_description}:</label>
+                <div class="col-md-6 col-sm-8"><input class="form-control" type="input" name="fAppDesc" id="fAppDesc"/></div>
+            </div>
+            <div class="form-group">
+                <label class="col-md-4 col-sm-4 control-label" for="fAppPass">{$PALANG.password}:</label>
+                <div class="col-md-6 col-sm-8">
+                    <input class="form-control" type="input" name="fAppPass" id="fAppPass"/>
+                    <div class="pull-right">
+                        <a id="genbutton" class="btn btn-primary">{$PALANG.generate}</a>
+                        <a id="copybutton" class="btn btn-primary">{$PALANG.copy}</a>
+                    </div>
+                 </div>
+            </div>
+        </div>
+        <div class="panel-footer">
+            <div class="btn-toolbar" role="toolbar">
+
+                <div class="pull-right">
+                    <a href="main.php" class="btn mr btn-secondary">{$PALANG.exit}</a>
+
+                    <button class="btn ml btn-lg btn-primary" type="submit" name="submit" value="{$PALANG.pApp_passwords_add}">{$PALANG.pApp_passwords_add}</button>
+
+                </div>
+            </div>
+        </div>
+    </div>
+</form>
+
+<div id="edit_form" class="panel panel-default">
+    <div class="panel-heading"><h4>{$PALANG.pApp_passwords_list}</h4></div>
+    <table class="table table-hover" id="mailbox_table">
+        <tr class="header">
+            <th>{$PALANG.pOverview_mailbox_username}</th>
+            <th>{$PALANG.pTotp_exceptions_description}</th>
+            <th>{$PALANG.pTotp_exceptions_revoke}</th>
+        </tr>
+        {foreach $pPasswords as $p}
+        <tr>
+            <td>{$p.username}</td>
+            <td>{$p.description}</td>
+            <td>
+                <form name="exception{$p.id}" method="post" action="" class="form-vertical">
+                    <input type="hidden" name="fAppId" value="{$p.id}">
+                    <input class="flat" type="hidden" name="token" value="{$smarty.session.PFA_token|escape:"url"}"/>
+                    <button class="btn ml btn-primary" type="submit" {if !$p.edit}disabled="disabled"{/if} name="submit" value="{$PALANG.pTotp_exceptions_revoke}">{$PALANG.pTotp_exceptions_revoke}</button>
+                </form>
+            </td>
+        </tr>
+        {/foreach}
+    </table>
+</div>
+
+<script>
+
+const getRandomElement = arr => {
+  const rand = Math.floor(Math.random() * arr.length);
+  return arr[rand];
+}
+
+const generateRandomPasswordSelection = (length) => {
+  const uppercase = ['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'];
+  const lowercase = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'];
+  const special = ['~', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '_', '+', '-', '=', '{', '}', '[', ']', ':', ';', '?', ', ', '.', '|', '\\'];
+  const numbers = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'];
+
+  const nonSpecial = [...uppercase, ...lowercase, ...numbers];
+
+  let password = '';
+
+  for (let i = 0; i < length; i++) {
+    // Previous character is a special character
+    if (i !== 0 && special.includes(password[i - 1])) {
+      password += getRandomElement(nonSpecial);
+    } else password += getRandomElement([...nonSpecial, ...special]);
+  }
+
+  return password;
+}
+
+const passwordInput = document.querySelector("#fAppPass");
+
+passwordInput.value = generateRandomPasswordSelection(32);
+
+document.querySelector("#genbutton").addEventListener("click", () => {
+    passwordInput.value = generateRandomPasswordSelection(32);
+});
+
+document.querySelector("#copybutton").addEventListener("click", () => {
+    navigator.clipboard.writeText(passwordInput.value);
+});
+
+</script>

templates/index.tpl

@@ -1,6 +1,7 @@
 {strip}
     {include file="header.tpl"}
-    {if $smarty_template !== 'login' && $smarty_template !== 'password-recover' && $smarty_template !== 'password-change'}
+    {* Hide menu for some templates *}
+    {if !in_array($smarty_template, ["login", "login-mfa", "password-recover", "password-change"])}
     {config_load file="menu.conf" section=$smarty_template}
         {if $authentication_has_role.user}
             {include file='users_menu.tpl'}

templates/login-mfa.tpl

@@ -0,0 +1,21 @@
+<form name="password" method="post" action="" class="form-horizontal">
+    <div id="edit_form" class="panel panel-default">
+        <div class="panel-heading"><h4>{$PALANG.pTOTP_confirm}</h4></div>
+        <div class="panel-body enable-asterisk">
+            <input class="flat" type="hidden" name="token" value="{$smarty.session.PFA_token|escape:"url"}"/>
+            <div class="form-group {if $pTOPT_code_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label" for="fTOTP_code">{$PALANG.pTOTP_code}:</label>
+                <div class="col-md-6 col-sm-8"><input id="TOTP_code" class="form-control" type="text" name="fTOTP_code" size="6" autofocus /></div>
+                <span class="help-block">{$pTOPT_code_text}</span>
+            </div>
+        </div>
+        <div class="panel-footer">
+            <div class="btn-toolbar" role="toolbar">
+                <div class="pull-right">
+                    <a href="login-mfa.php?abort=1" class="btn mr btn-secondary">{$PALANG.exit}</a>
+                    <button class="btn ml btn-lg btn-primary" type="submit" name="submit" value="{$PALANG.MFA_submit}">{$PALANG.MFA_submit}</button>
+                </div>
+            </div>
+        </div>
+    </div>
+</form>

templates/menu.tpl

@@ -124,13 +124,27 @@
                             </li>
                         {/strip}
                     {/if}
+                    {* TOTP *}
+                    {if $CONF.totp==='YES'}
+                        {strip}
+                            <li class="dropdown">
+                                <a class="btn navbar-btn dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
+                                   aria-expanded="false" href="{#url_dkim#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_security} <span
+                                            class="caret"></span></a>
+                                <ul class="dropdown-menu">
+                                    <li><a href="{#url_password#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_password}</a></li>
+                                    <li><a href="{#url_totp#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_totp}</a></li>
+                                    <li><a href="{#url_totp_exceptions#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_totp_exceptions}</a></li>
+                                    <li><a href="{#url_app_passwords#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_app_passwords}</a></li>
                                 </ul>
-                <ul class="nav navbar-nav navbar-right">
+                            </li>
+                        {/strip}
+                    {else}
                         {* password *}
-                    <li><a class="btn navbar-btn" type="button"
-                           href="{#url_password#}">
+                        <li><a class="btn navbar-btn" type="button" href="{#url_password#}">
             				<span class="glyphicon glyphicon-lock" aria-hidden="true"></span>
 			            	{$PALANG.pMenu_password}</a></li>
+	                {/if}	
                     {* backup *}
                     {if $authentication_has_role.global_admin && $CONF.database_type!=='pgsql' && $CONF.backup === 'YES'}
                         <li><a class="btn btn-default navbar-btn btn-sm" type="button"

templates/totp-exceptions.tpl

@@ -0,0 +1,64 @@
+<form name="password" method="post" action="" class="form-horizontal">
+    <div id="edit_form" class="panel panel-default">
+        <div class="panel-heading"><h4>{$PALANG.pTotp_exceptions_welcome}</h4></div>
+        <div class="panel-body enable-asterisk">
+            <input class="flat" type="hidden" name="token" value="{$smarty.session.PFA_token|escape:"url"}"/>
+            <div class="form-group {if $pPassword_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label"
+                       for="fPassword_current">{$PALANG.pPassword_password_current}:</label>
+                <div class="col-md-6 col-sm-8"><input class="form-control" type="password" name="fPassword_current" id="fPassword_current"/></div>
+                <span class="help-block">{$pPassword_text}</span>
+            </div>
+            <div class="form-group {if $pUser_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label" for="fUser">{$PALANG.pTotp_exceptions_user}:</label>
+                <div class="col-md-6 col-sm-8"><input class="form-control" type="input" name="fUser" id="fUser" value="{$pUser}"/></div>
+                <span class="help-block">{$pUser_text}</span>
+            </div>
+            <div class="form-group">
+                <label class="col-md-4 col-sm-4 control-label" for="fIp">{$PALANG.pTotp_exceptions_address}:</label>
+                <div class="col-md-6 col-sm-8"><input class="form-control" type="input" name="fIp" id="fIp"/></div>
+            </div>
+            <div class="form-group">
+                <label class="col-md-4 col-sm-4 control-label" for="fDesc">{$PALANG.pTotp_exceptions_description}:</label>
+                <div class="col-md-6 col-sm-8"><input class="form-control" type="input" name="fDesc" id="fDesc"/></div>
+            </div>
+        </div>
+        <div class="panel-footer">
+            <div class="btn-toolbar" role="toolbar">
+
+                <div class="pull-right">
+                    <a href="main.php" class="btn mr btn-secondary">{$PALANG.exit}</a>
+
+                    <button class="btn ml btn-lg btn-primary" type="submit" name="submit" value="{$PALANG.pTotp_exceptions_add}">{$PALANG.pTotp_exceptions_add}</button>
+
+                </div>
+            </div>
+        </div>
+    </div>
+</form>
+
+<div id="edit_form" class="panel panel-default">
+    <div class="panel-heading"><h4>{$PALANG.pTotp_exceptions_list}</h4></div>
+    <table class="table table-hover" id="mailbox_table">
+        <tr class="header">
+            <th>{$PALANG.pOverview_mailbox_username}</th>
+            <th>{$PALANG.pTotp_exceptions_address}</th>
+            <th>{$PALANG.pTotp_exceptions_description}</th>
+            <th>{$PALANG.pTotp_exceptions_revoke}</th>
+        </tr>
+        {foreach $pExceptions as $exception}
+        <tr>
+            <td>{$exception.username}</td>
+            <td>{$exception.ip}</td>
+            <td>{$exception.description}</td>
+            <td>
+                <form name="exception{$exception.id}" method="post" action="" class="form-vertical">
+                    <input type="hidden" name="fId" value="{$exception.id}">
+                    <input class="flat" type="hidden" name="token" value="{$smarty.session.PFA_token|escape:"url"}"/>
+                    <button class="btn ml btn-primary" type="submit" {if !$exception.edit}disabled="disabled"{/if} name="submit" value="{$PALANG.pTotp_exceptions_revoke}">{$PALANG.pTotp_exceptions_revoke}</button>
+                </form>
+            </td>
+        </tr>
+        {/foreach}
+    </table>
+</div>

templates/totp.tpl

@@ -0,0 +1,68 @@
+<form name="password" method="post" action="" class="form-horizontal">
+    <div id="edit_form" class="panel panel-default" style="visibility:{$show_form}">
+        <div class="panel-heading"><h4>{$PALANG.pTOTP_welcome}</h4></div>
+        <div class="panel-body enable-asterisk">
+            <input class="flat" type="hidden" name="token" value="{$smarty.session.PFA_token|escape:"url"}"/>
+            <div class="form-group">
+                <label class="col-md-4 col-sm-4 control-label">{$PALANG.pLogin_username}:</label>
+                <div class="col-md-6 col-sm-8"><p class="form-control-static"><em>{$SESSID_USERNAME}</em></p></div>
+            </div>
+            <div class="form-group {if $pPassword_password_current_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label"
+                       for="fPassword_current">{$PALANG.pPassword_password_current}:</label>
+                <div class="col-md-6 col-sm-8"><input class="form-control" type="password" name="fPassword_current"
+                                                      id="fPassword_current"/></div>
+                <span class="help-block">{$pPassword_password_current_text}</span>
+            </div>
+            <div class="form-group {if $pTOTP_secret_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label" for="fTOTP_secret">{$PALANG.pTOTP_secret}:</label>
+                <div class="col-md-6 col-sm-8">
+                    <img src="data:image/png;base64, {$pQR_raw}" />{$pTOTP_secret}
+                    <input type="hidden" name="fTOTP_secret" value="{$pTOTP_secret}" />
+                </div>
+            </div>
+            <div class="form-group {if $pTOTP_code_text}has-error{/if}">
+                <label class="col-md-4 col-sm-4 control-label" for="fTOTP_code">{$PALANG.pTOTP_code}:</label>
+                <div class="col-md-6 col-sm-8"><input id="TOTP_code" class="form-control" type="text" name="fTOTP_code" size="6" /></div>
+                <span class="help-block">{$pTOTP_code_text}</span>
+            </div>
+        </div>
+        <div class="panel-footer">
+            <div class="btn-toolbar" role="toolbar">
+
+                <div class="pull-right">
+                    {if $authentication_has_role.user}
+                        <a href="main.php" class="btn mr btn-secondary">{$PALANG.exit}</a>
+                    {/if}
+
+                    <button class="btn ml btn-lg btn-primary" type="submit" name="submit" value="{$PALANG.change_TOTP}">{$PALANG.change_TOTP}</button>
+
+                </div>
+            </div>
+        </div>
+    </div>
+    {if $show_form == 'hidden'}
+    <div id="showform" class="panel panel-default"">
+        <div class="panel-footer">
+            <div class="btn-toolbar" role="toolbar">
+                <div class="pull-left">
+                    <h3>{$PALANG.TOTP_already_configured}</h3>
+                </div>
+                <div class="pull-right">
+                    <a href="#" class="btn ml btn-lg btn-primary" id="showbutton">{$PALANG.show}</a>
+                </div>
+            </div>
+        </div>
+    </div>
+    {/if}
+</form>
+<script>
+document.getElementById("showbutton").addEventListener("click", function(e) {
+  showform()
+});
+
+function showform() {
+  document.getElementById("showform").style.visibility= "hidden";
+  document.getElementById("edit_form").style.visibility= "visible";
+}
+</script>

templates/users_main.tpl

@@ -18,6 +18,27 @@
             <td nowrap="nowrap"><a class="btn btn-primary" href="password.php">{$PALANG.change_password}</a></td>
             <td>{$PALANG.pUsersMain_password}</td>
         </tr>
+        {* TOTP *}
+        {if $CONF.totp==='YES'}
+        {strip}
+        <tr>
+            <td nowrap="nowrap"><a class="btn btn-primary" href="totp.php">{$PALANG.pUsersMenu_totp}</a></td>
+            <td>{$PALANG.pUsersMain_totp}</td>
+        </tr>
+        <tr>
+            <td nowrap="nowrap"><a class="btn btn-primary" href="{#url_totp_exceptions#}">{$PALANG.pMenu_totp_exceptions}</a></td>
+            <td>{$PALANG.pUsersMain_totp_exceptions}</td>
+        </tr>
+        {/strip}
+        {/if}
+        {if $CONF.app_passwords==='YES'}
+        {strip}
+        <tr>
+            <td nowrap="nowrap"><a class="btn btn-primary" href="{#url_app_passwords#}">{$PALANG.pMenu_app_passwords}</a></td>
+            <td>{$PALANG.pUsersMain_app_passwords}</td>
+        </tr>
+        {/strip}
+        {/if}
         <tr>
             <td nowrap="nowrap"><a class="btn btn-primary" href="{#url_user_logout#}">{$PALANG.pMenu_logout}</a></td>
             <td>{$PALANG.pMain_logout}</td>

templates/users_menu.tpl

@@ -15,15 +15,34 @@
         </div>
         <div id="navbar" class="collapse navbar-collapse">
             <ul class="nav navbar-nav">
-                <li><a target="_top" href="{#url_user_main#}">{$PALANG.pMenu_main}</a></li>
+                <li><a class="btn navbar-btn" target="_top" href="{#url_user_main#}">{$PALANG.pMenu_main}</a></li>
                 {if $CONF.vacation===YES}
-                    <li><a target="_top" href="{#url_user_vacation#}">{$PALANG.pUsersMenu_vacation}</a></li>
+                    <li><a class="btn navbar-btn" target="_top" href="{#url_user_vacation#}">{$PALANG.pUsersMenu_vacation}</a></li>
                 {/if}
                 {if $CONF.edit_alias===YES}
-                    <li><a target="_top" href="{#url_user_edit_alias#}">{$PALANG.pUsersMenu_edit_alias}</a></li>
+                    <li><a class="btn navbar-btn" target="_top" href="{#url_user_edit_alias#}">{$PALANG.pUsersMenu_edit_alias}</a></li>
                 {/if}
-                <li><a target="_top" href="{#url_user_password#}">{$PALANG.change_password}</a></li>
-                <li class="logout"><a target="_top" href="{#url_user_logout#}">{$PALANG.pMenu_logout}</a></li>
+                {* TOTP *}
+                {if $CONF.totp==='YES'}
+                    {strip}
+                        <li class="dropdown">
+                            <a class="btn navbar-btn dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
+                               aria-expanded="false" href="{#url_totp#}">{$PALANG.pMenu_security} <span
+                                        class="caret"></span></a>
+                            <ul class="dropdown-menu">
+                                <li><a href="password.php"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.change_password}</a></li>
+                                <li><a href="{#url_totp#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pUsersMenu_totp}</a></li>
+                                <li><a href="{#url_totp_exceptions#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_totp_exceptions}</a></li>
+                                <li><a href="{#url_app_passwords#}"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> {$PALANG.pMenu_app_passwords}</a></li>
+                            </ul>
+                        </li>
+                    {/strip}
+                {else}
+                    {* password *}
+                    <li><a class="btn navbar-btn" target="_top" href="{#url_user_password#}">{$PALANG.change_password}</a></li>
+                {/if}
+
+                <li class="logout"><a class="btn navbar-btn" target="_top" href="{#url_user_logout#}">{$PALANG.pMenu_logout}</a></li>
             </ul>
         </div>
     </div>