
eshiol
18 Apr 2018

Pull Request for Issue #20150.

Summary of Changes

This plugin allows the user to mark the computer or mobile device as trusted. With trusted computers and devices, you don’t need to enter a verification code for the two factor authentication plug-in each time you sign in.

Testing Instructions

  1. Enable the two factor authentication system
  2. Authenticate yourself with the option trust this device checked
  3. Logout
  4. Authenticate yourself without using the secret key

Expected result

You can login

Actual result

Documentation Changes Required

eshiol - open - 18 Apr 2018
eshiol - change - 18 Apr 2018
Status: New → Pending
alikon - comment - 18 Apr 2018

I'm afraid you are mixing things

ALTER TABLE #__content ADD COLUMN featured_up datetime NOT NULL DEFAULT '0000-00-00 00:00:00';

eshiol - comment - 18 Apr 2018

I think so

eshiol - comment - 18 Apr 2018

Sorry guys, my mistake, I fixed the PR

Quy - comment - 19 Apr 2018

Tooltip string not translated on backend.

[Image: trust]

mbabker - comment - 21 Jul 2018

Conflicts need resolving.

It'd be nice to get this included...

fabpacheco - comment - 30 Aug 2018

Can you update the sql files extension_id, please. After that I can test this.
Since you created this PR some new extensions were included. The 481 id is assigned to the plg_fields_repeatable in Joomla 3.9 dev.

fabpacheco - comment - 3 Sep 2018

@eshiol thanks for the update but I think you forgot to update the installation sql files too.

I used patchtester and tried to test it but the extension is not in the database.

eshiol - comment - 4 Sep 2018

I have updated the extension_id in the installation sql files but it seems the patch tester component doesn't run the update sql files.
You need to manually run the file 3.9.0-2018-04-18.sql.

mbabker - comment - 4 Sep 2018

> it seems the patch tester component doesn't run the update sql files

That has always been the case. Patch tester will never arbitrarily run SQL statements, especially as we do not provide a rollback capability.

zero-24 - change - 4 Sep 2018
Title changed from "Two factor authentication - Trust this device" to "[New Feature] Two factor authentication - Trust this device"

fabpacheco - comment - 4 Sep 2018

Thanks for the info @mbabker and sorry I'm new to testing here so I did not know that.

fabpacheco - comment - 4 Sep 2018

Ok, I ran the sql in the database and was able to correctly install the extension. I'll do some tests and report the results when finished.

fabpacheco - comment - 6 Sep 2018

Sorry for the delay, these are the tests I made.
Since the patchtester can't run SQL statements (thanks again @mbabker for the info), I tried to use git to install the patch.

Installation
Please correct me if I did anything wrong here since this is the first time I installed 3.9-dev using git bash

I used the following commands to install the 3.9 branch
git clone -b 3.9-dev --single-branch https://github.com/joomla/joomla-cms.git

Then the following to get this pull request
git fetch origin pull/20191/head:pr-20191
git checkout pr-20191

I think you probably can install the extension via patchtester and then run the sql, but I chose to try the git way.

Run the SQL query in your database. In my case, in phpMyAdmin operations, I ran the following query from @eshiol's PR:

INSERT INTO `#__extensions` (`extension_id`, `package_id`, `name`, `type`, `element`, `folder`, `client_id`, `enabled`, `access`, `protected`, `manifest_cache`, `params`, `custom_data`, `system_data`, `checked_out`, `checked_out_time`, `ordering`, `state`) VALUES
(495, 0, 'plg_twofactorauth_trust', 'plugin', 'trust', 'twofactorauth', 0, 0, 1, 0, '', '', '', '', 0, '0000-00-00 00:00:00', 0, 0);
INSERT INTO `#__postinstall_messages` (`extension_id`, `title_key`, `description_key`, `action_key`, `language_extension`, `language_client_id`, `type`, `action_file`, `action`, `condition_file`, `condition_method`, `version_introduced`, `enabled`)
VALUES
(700, 'PLG_TWOFACTORAUTH_TRUST_POSTINSTALL_TITLE', 'PLG_TWOFACTORAUTH_TRUST_POSTINSTALL_BODY', '', 'plg_twofactorauth_trust', 1, 'message', '', '', '', '', '3.9.0', 1);

Just make sure you replace #_ with your database prefix

After that:

  1. Enable the Two Factor Authentication - Google Authenticator plugin
  2. Enable the Two Factor Authentication - Trust this device plugin
  3. Configure your Google authentication key in the user administrator page or in frontend account
  4. Logout and try to login

The problems I found

  1. First thing I noticed is the tooltip is trust this device but it is actually trust this browser because it is based on the browser cookies you are on. So maybe change the language tooltip string to make it clear it is specific to the browser you are on

[Image: trust-tooltip]

  2. In the plugin page you have this
    "Allow user to mark the computer or mobile device as trusted. With trusted computers and devices, you don’t need to enter a verification code each time you sign in."
    I think this might confuse users because you're not marking the computer or mobile but the browser as trusted

[Image: trust-plugin-page]

  3. The trust this device checkbox is not available in Hathor admin template login page

  4. The checkbox is not centered in the admin login page (Isis template)

[Image: trust-device]

Successful tests

Tested in Chrome, logout and open the admin in Firefox and it does not work unless you check the trust in Firefox too.

Tested cleaning cookies and the trust does not work anymore as expected

Tested with superuser and administrator accounts and both work in the backend when you do the check

Tested disabling the extension in Firefox and tried to login in Chrome and it correctly prompted me to use the two factor secret key

If you check the trust this device in the backend, logout and go to frontend and try to login, you can't; you have to check the trust in the frontend too. I think this is expected.

Tested with registered user in frontend and the trust this device works too

Tested the backend in Chrome mobile and it works too

Tested choosing 1 day for the cookie life time and checked 24h later and it showed the warning "The two factor authentication Secret Key is invalid."


I only tested with Google two factor authenticator and with Chrome, FF, Edge and IE 11 latest versions.
I only tested the functionality, not the code as I am not a developer.

I'll mark my test successful as soon as the problems I found have been answered.
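
The behaviour these tests exercise (trust tied to one browser's cookie, separate for backend and frontend, gone when the cookie is cleared or its lifetime ends) can be shown with a signed cookie token that the server verifies. This is an added PHP example, not code from this pull request or from Joomla; the function names, token format and key handling are assumptions made for illustration.

```php
<?php
// Added illustration: NOT the code from this pull request (requires PHP 7.1+).
// All names (issueTrustToken, verifyTrustToken, $serverKey) are hypothetical.

/** Build the cookie value: base64url(payload) . '.' . HMAC-SHA256(payload). */
function issueTrustToken(string $serverKey, int $userId, string $client, int $lifetimeDays, int $now): string
{
    $payload = json_encode([
        'uid' => $userId,                       // trust is per account
        'app' => $client,                       // 'site' or 'administrator' (assumed labels)
        'exp' => $now + $lifetimeDays * 86400,  // server-side expiry, not only the cookie's
        'rnd' => bin2hex(random_bytes(16)),     // makes each issued token unique
    ]);
    $body = rtrim(strtr(base64_encode($payload), '+/', '-_'), '=');
    return $body . '.' . hash_hmac('sha256', $body, $serverKey);
}

/** Return true only if the token is authentic, unexpired and bound to this user and client. */
function verifyTrustToken(string $serverKey, string $token, int $userId, string $client, int $now): bool
{
    $parts = explode('.', $token);
    if (count($parts) !== 2) {
        return false;
    }
    [$body, $mac] = $parts;
    // Constant-time comparison; check the MAC before parsing client-supplied data.
    if (!hash_equals(hash_hmac('sha256', $body, $serverKey), $mac)) {
        return false;
    }
    $claims = json_decode(base64_decode(strtr($body, '-_', '+/')), true);
    return is_array($claims)
        && ($claims['uid'] ?? null) === $userId
        && ($claims['app'] ?? null) === $client
        && is_int($claims['exp'] ?? null)
        && $claims['exp'] > $now;
}

// Constructed sample run mirroring the tests above (1-day lifetime, user id 42).
$key   = random_bytes(32);           // in practice a persistent server-side secret
$now   = 1536192000;                 // constructed timestamp
$token = issueTrustToken($key, 42, 'administrator', 1, $now);

var_dump(verifyTrustToken($key, $token, 42, 'administrator', $now + 3600));   // same browser, within lifetime
var_dump(verifyTrustToken($key, $token, 42, 'site', $now + 3600));            // backend token presented on frontend
var_dump(verifyTrustToken($key, $token, 42, 'administrator', $now + 86401));  // more than 24h after issue
var_dump(verifyTrustToken($key, '', 42, 'administrator', $now + 3600));       // cookie cleared, nothing sent
```

Because the token is bound to the account and the client application and carries its own expiry, copying the cookie to another context or extending its lifetime in the browser does not extend trust.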

f-hamel - comment - 8 Sep 2018

I have tested this item successfully on e2446dc


This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/20191.

f-hamel - test_item - 8 Sep 2018 - Tested successfully

jjnxpct - comment - 12 Nov 2018

I have tested this item successfully on e2446dc

Hi! I tested this on/with:

Joomla! 3.9.1-dev
PHP 7.2.11 | MySQL 5.6.41
Chrome & Firefox
Authentication method: Yubikey

I used the Joomla Patch tester to install the patch on my test CMS. I did need to run the SQL code provided by fabpacheco. But I did also need to change the SQL query, because the '495' extension ID is now used by a privacy plugin. So I changed that to '496'.

After this I could activate the plugin (only became visible in the backend after the SQL query) and the tests were successful. A cookie was placed on my computer by the browser when I checked the trust checkbox. The next time I did not need to enter the key again, I could just leave it untouched.

I would like to suggest, when the cookie is placed, do not show the key field at all? Or some other way to communicate to the user that a key is not needed at that time?

I did not test different settings for the plugin 'Two Factor Authentication - Trust this device'. I did see the cookie expiration date was set OK (30 days) so I guess that will work fine.

Hope to see this implemented soon.


jjnxpct - test_item - 12 Nov 2018 - Tested successfully

jjnxpct - comment - 12 Nov 2018

[Image: login_2fa_trust-8]

Maybe something like this?

B3nito - comment - 12 Nov 2018

Can the Secret code be put on a second site like real 2 FA is like?

mbabker - comment - 12 Nov 2018

Joomla core doesn't have a "captive" login system that would let you have a secondary login screen like many other sites with a 2FA workflow do (BTW there is nothing "wrong" about having the 2FA field alongside the main login form other than at worst introducing some user confusion about what a "secret key" is).

jjnxpct - comment - 13 Nov 2018

@mbabker That's why I put '2FA key' as a placeholder text in the 2FA field. That might be a bit more explanatory. Also I think the star icon could be replaced with a key icon to better fit the purpose of this field.

jjnxpct - comment - 27 Nov 2018

Is there anything I can do (except actual coding...) to help this issue to get merged into the CMS? Does it need more tests from others? Not sure how this works... I see 'some checks were not successful'. Are these automated tests? Or is someone responsible for these tests? Sorry about these 'newbie' questions.

zero-24 - comment - 29 Nov 2018

Nothing to be sorry about. I have just fixed the conflicts and updated to staging (that reboots the tests). So yes please test the code / Plugin and let us know.

franz-wohlkoenig - change - 29 Mar 2019
Title changed from "[New Feature] Two factor authentication - Trust this device" to "Two factor authentication - Trust this device"
joomla-cms-bot - edited - 29 Mar 2019

Quy - comment - 11 May 2019

Rebase for J4?

franz-wohlkoenig - comment - 12 May 2019

As a new feature it has to be rebased on J4, so closing. Thanks for the hint @Quy

franz-wohlkoenig - close - 12 May 2019
franz-wohlkoenig - change - 12 May 2019
Status: Pending → Closed
Closed_Date: 0000-00-00 00:00:00 → 2019-05-12 04:40:00
Closed_By: franz-wohlkoenig
Labels Removed: J3 Issue
