ephios icon indicating copy to clipboard operation
ephios copied to clipboard

Published 20 hours ago verified publisher icon ephios-dev

Add MFA/2FA via webauthn/FIDO2

Open jeriox opened this issue 3 years ago • 1 comments

As a user, I want to be able to enable 2FA for my ephios account. We could also require it for administrators or specific actions.

https://github.com/mkalioby/django-mfa2 looks good, https://github.com/CZ-NIC/django-fido as other option

jeriox avatar Dec 01 '21 13:12 jeriox

I think nowadays 2FA or login with passkey/certificate as a security standard should at least be available everywhere as an option. It would also be conceivable to have an individual setting option as to whether 2FA is mandatory and an individual setting option for how long and complex the passwords must be. So 2FA options should, if possible, include email, authentication app, backup codes and yubikey (https://github.com/mkalioby/django-mfa2 looks good an has all all these requirements). The most important thing is 2FA protection for the admin account.

pov91 avatar Sep 11 '23 13:09 pov91