copona icon indicating copy to clipboard operation
copona copied to clipboard
verified publisher icon copona

Admin login security multiple protections

Open arnisjuraga opened this issue 8 years ago • 4 comments

OC2 is planning to have 2-stop authentication. At the moment, we can implement token login at least, to protect from brute-force.

Something from here: https://github.com/opencart/opencart/issues/5286 and https://github.com/opencart/opencart/issues/5285 (as a reason)

arnisjuraga avatar Mar 20 '17 09:03 arnisjuraga

One way to increase security is to leave the dynamic admin path. I think it's really cool hehe tool https://getclef.com/

I think you can install a 2-step but leave this part flexible, so that the developer can more easily implement an extension that increases the security in any way he wants.

prhost avatar May 10 '17 14:05 prhost

Clef will stop working on June 6, 2017

But 2-stop auth is something nice to have in the future.

arnisjuraga avatar May 10 '17 16:05 arnisjuraga

"Clef will stop working on June 6, 2017" - sad On the dynamic path of admin, would have to reshape the routes part.

prhost avatar May 10 '17 16:05 prhost

https://authy.com

prhost avatar May 11 '17 00:05 prhost