[Koha-bugs] [Bug 28786] Two-factor authentication for staff client - TOTP
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Sep 8 11:56:33 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28786
--- Comment #21 from Jonathan Druart <jonathan.druart+koha at gmail.com> ---
(In reply to Tomás Cohen Arazi from comment #20)
> Created attachment 124569 [details]
> Example UI
>
> I'm not sure the 'app' should be only one or not, I guess the answer is yes.
> But I like Github's page, and it points us towards this 'several 2FA
> methods' thinking.
The "Security keys" is not implemented in this development, I can understand
the 1-N you would need in this case (you can have several keys), but not with
the TOTP. You have only one TOTP secret that you could regenerate, but that
will invalidate the existing one. How is the secret different than the
password? Are you suggesting we should have the password in this new table?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list