https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28786 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Text to go in the|This enhancement adds an |This new feature adds an release notes|initial optional |initial optional |implementation of |implementation of |two-factor authentication |two-factor authentication |(2FA) to improve security |(2FA) to improve security |when logging into the staff |when logging into the staff |interface. |interface. | | |This |This |implementation uses |implementation uses |time-based, one-time |time-based, one-time |passwords (TOTP) as the |passwords (TOTP) as the |second factor, letting |second factor, letting |librarians use an |librarians use an |application to handle it |application to handle it |and provide them the code |and provide them the code |they need when logging in. |they need when logging in. | | |It is enabled using the new |It is enabled using the new |system preference |system preference |"TwoFactorAuthentication". |"TwoFactorAuthentication". | | |Librarians can then enable |Librarians can then enable |2FA for their account from |2FA for their account from |More > Manage Two-Factor |More > Manage Two-Factor |authentication. To setup: |authentication. To setup: |1) Scan the QR code with an |1) Scan the QR code with an |authenticator app. 2) Enter |authenticator app. 2) Enter |the one time code |the one time code |generated. For future |generated. For future |logins, librarians are |logins, librarians are |prompted to enter the |prompted to enter the |authenticator code after |authenticator code after |entering their normal login |entering their normal login |credentials. |credentials. | | |Any |Any |authenticator app, such as |authenticator app, such as |Google Authenticator, |Google Authenticator, |andOTP, and many others can |andOTP, and many others can |be used. Applications that |be used. Applications that |enable backup of their 2FA |enable backup of their 2FA |accounts (either |accounts (either |cloud-based or automatic) |cloud-based or automatic) |are recommended. |are recommended. --- Comment #162 from Fridolin Somers <fridolin.somers@biblibre.com> --- (In reply to Katrin Fischer from comment #161)
I feel like we should highlight this as a 'new feature' in release notes :)
Indeed. I changed the start of release notes. -- You are receiving this mail because: You are watching all bug changes.