webtrees icon indicating copy to clipboard operation
webtrees copied to clipboard
verified publisher icon fisharebest

Add 2FA-method to login

Open LarsRabe opened this issue 3 years ago • 4 comments

As I observe increasing login attacks, mostly coming from russian ip-adresses (which might be related to the russian war on Ukraine), I would like to see enhancing the login by a 2FA-method.

I think a OTP-method like e.g. Google Authenticator, Microsoft Authenticator or any other open source authenticator would be helpfull.

LarsRabe avatar Feb 26 '23 12:02 LarsRabe

Or purely "login with" Google/Github etc. account

andriej avatar Mar 15 '23 12:03 andriej

Yubikey ftw!

Export33 avatar Sep 02 '23 22:09 Export33

FTW = ???

fisharebest avatar Sep 03 '23 11:09 fisharebest

FTW is "For the Win". See https://en.wiktionary.org/wiki/for_the_win#Prepositional_phrase

And no, Yubikey is not FTW at all. I'm OK with having that as an option, but the real FTW would be to start with a simple TOTP-based 2FA token. Maybe take a look at https://github.com/Spomky-Labs/otphp

jcnventura avatar Dec 20 '23 11:12 jcnventura