• Welcome to Simple Machines Community Forum. Please login or sign up.

Two Factor Authentication in SMF 2.1

December 03, 2014, 03:05:27 PM
Posted by Dragooon on December 03, 2014, 03:05:27 PM

Comments


vbgamer45 on December 03, 2014, 03:09:09 PM said
Nice! Great idea thanks for adding it to 2.1 first forum software that I know of that has it!

Arantor on December 03, 2014, 03:19:13 PM said
Very much approve of implementing TOTP 2FA.

Kindred on December 03, 2014, 03:51:59 PM said
excellent job, dev folks!

CountryLady on December 04, 2014, 03:58:30 AM said
Sweet~! Many Thanks to the Team.

Colin on December 04, 2014, 04:10:12 AM said
Great!!

engrz on December 04, 2014, 04:18:04 AM said
that is wonderful and secure

ziycon on December 04, 2014, 04:58:58 AM said
Fair play, I'm liking security being given the attention it deserves.

Horme Gaming on December 04, 2014, 11:59:48 AM said
sounds good specially for any user with advanced access of any form that can be a potential security issue

saosangmo on December 07, 2014, 12:26:39 PM said
Love you so much. I have used SMF for 8 years and this is the best software in security.

Masterd on January 01, 2015, 04:48:34 PM said
Excellent news! SMF is really moving in the right direction. :)

Antes on January 01, 2015, 04:55:32 PM said
Perfect to see security improvements in software.

Quote from: saosangmo on December 07, 2014, 12:26:39 PM
Love you so much. I have used SMF for 8 years and this is the best software in security.

We love you too for being with us for such long time :)

Powerbob on January 02, 2015, 10:17:06 AM said
Well done, great news :D

karlbenson on January 02, 2015, 01:44:11 PM said
Looking forward to it!

stmaxx on January 21, 2015, 06:52:19 PM said
sorry I'm late,  BUT this looks Great!

regards,
maxx

hadesflames on March 01, 2015, 08:09:36 PM said
I see the admin is able to force 2FA on everyone. I can see how that might be useful, depending on the type of forum you're running. But what would be even more useful is to be able to force 2FA on certain membergroups. For example, I wouldn't force it on all members on my forums, but I certainly would force it on Admins. I might also consider forcing it on membergroups with a lot of permissions, like global mods. So, I think an important feature to add would be to allow forcing of 2FA on different membergroups.

Kindred on March 02, 2015, 06:45:15 AM said
unlikely to happen as a core feature....

that's a fairly niche request

Steve on March 02, 2015, 09:05:40 AM said
That's a shame. This is the first time I've read this thread and I thought the same thing as hadesflames ... it would be even better to force it on certain membergroups instead of or in addition to being able to select everyone.

Arantor on March 02, 2015, 05:33:35 PM said
I'd be in favour of it as a core feature.

LiroyvH on March 03, 2015, 05:53:21 PM said
I can understand the need for such a feature, both from a perspective of security as user friendliness.
I'd be in favor as well. Up to the devs though. :)

JBlaze on March 03, 2015, 07:59:58 PM said
I second the option of being able to force 2FA on a membergroup basis.

margarett on March 04, 2015, 02:12:42 PM said
I am playing with this possibility locally (BTW, 2STP for iOS works great!) and this is actually easy to accomplish :)
Either in core (I'll discuss it with devs) or as a MOD, this will be possible ;)

Jamie96 on April 02, 2015, 01:08:13 PM said
Found this when looking for a mod to accomplish the same thing. Too bad it will be an unholy pain in the ... to rebuild my forum and all its customizations for the new version. Shame.

Though for the future, I also say it would be a good core feature to enforce on a group basis, most of my membership's heads would explode if they had it forced on them, but it seems almost necessary for my administration to be secure.

I also would like to request that Yubikey be added to the providers...its what I was looking to use...phones die or you use an insecure web app, but my keys are always with me and plugs right into the PC I'm using. Yubikey is YOTP or HOTP though, not TOTP unless assisted by an app.

LiroyvH on April 02, 2015, 01:14:36 PM said
You can activate two-factor authentication with, for example, Google Auth on multiple devices as long as you scan the QR-Code with all of 'em or manually input the key.

margarett on April 02, 2015, 01:33:03 PM said
Quote from: Jamie96 on April 02, 2015, 01:08:13 PM
Though for the future, I also say it would be a good core feature to enforce on a group basis, most of my membership's heads would explode if they had it forced on them, but it seems almost necessary for my administration to be secure.
The current version in Github already allows that ;)

lahmfan on October 31, 2016, 01:26:25 AM said
is this only on 2.1? is there anything similar for 2.0.12? if not, when will 2.1 be available as a stable release?

Kindred on October 31, 2016, 06:58:06 AM said
this is only on 2.1
nothing like this is made for 2.0

2.1 will be released when it is ready

lahmfan on October 31, 2016, 08:58:45 AM said
 ::)
I thought it was going to be released before it was ready

Antes on October 31, 2016, 10:50:56 AM said
Quote from: lahmfan on October 31, 2016, 08:58:45 AM
::)
I thought it was going to be released before it was ready


We actually release it before its ready and call it BETA :P <3
Advertisement: