[Koha-bugs] [Bug 30842] Two-factor authentication code should be valid longer

Fri May 27 10:56:59 CEST 2022

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30842

Marcel de Rooy <m.de.rooy at rijksmuseum.nl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #135414|0                           |1
        is obsolete|                            |

--- Comment #8 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Created attachment 135417
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=135417&action=edit
Bug 30842: 2FA - Allow at least one old TOTP

We allow one old token when we are setting the two-factor auth, we
should reuse the same settings when validation the authentication
itself.

Test plan:
Setup 2FA for your logged-in user
Logout/Login
Have a look at the code and wait for 30 sec before using it (< 1min
however)

Signed-off-by: David Nind <david at davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>

-- 
You are receiving this mail because:
You are watching all bug changes.