[Koha-bugs] [Bug 28786] New: Two-factor authentication for staff client - TOTP

Fri Jul 30 14:02:36 CEST 2021

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28786

            Bug ID: 28786
           Summary: Two-factor authentication for staff client - TOTP
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: ASSIGNED
          Severity: enhancement
          Priority: P5 - low
         Component: Authentication
          Assignee: jonathan.druart+koha at gmail.com
          Reporter: jonathan.druart+koha at gmail.com
        QA Contact: testopia at bugs.koha-community.org
                CC: dpavlin at rot13.org
        Depends on: 28785
            Blocks: 20476

This enhancement will provide a first step for Two-factor authentication (2FA).

This implementation will use time-based, one-time passwords (TOTP) as the
second factor, letting the librarians use an application to handle it and
provide them the code they need to provide at a second login step.

The goal is to let librarians choose if then want to enable the feature, not to
force them.

https://en.wikipedia.org/wiki/Time-based_One-Time_Password

Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20476
[Bug 20476] Two factor authentication for the staff client - omnibus
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28785
[Bug 28785] Code in C4::Auth::checkauth is copy pasted
-- 
You are receiving this mail because:
You are watching all bug changes.