Two factor authentication (2FA)

https://www.phpbb.com/ideas/
Post Reply
User avatar
tojag
Registered User
Posts: 408
Joined: Thu Aug 07, 2014 8:00 am
Location: Warsaw, Poland, EU
Name: Gregory

Two factor authentication (2FA)

Post by tojag »

Add support for the two factor authentication in phpBB forum.
2FA is the standard now. Wordpress, Joomla, others have it. Google authenticator or similar is a proven tool.
It's time to build it in phpBB to provide better users protection.

User avatar
WelshPaul
Registered User
Posts: 382
Joined: Tue Aug 19, 2014 2:09 pm

Re: Two factor authentication (2FA)

Post by WelshPaul »

Been using Two factor authentication (2FA) (Via extension) on my forum for a year or more now. I agree, it should be built in to phpBB as standard.

User avatar
david63
Registered User
Posts: 17755
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Contact:

Re: Two factor authentication (2FA)

Post by david63 »

Don't have a problem with it as such, just as long as it is a user option.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

ukautoforums
Registered User
Posts: 46
Joined: Thu Mar 02, 2017 10:00 am

Re: Two factor authentication (2FA)

Post by ukautoforums »

Yes, opt in for users. Ability to use something like Google Authentication app.

Would be ideal for admin accounts and moderator accounts.

User avatar
tojag
Registered User
Posts: 408
Joined: Thu Aug 07, 2014 8:00 am
Location: Warsaw, Poland, EU
Name: Gregory

Re: Two factor authentication (2FA)

Post by tojag »

It should be option for users, of course but built in phpbb. Now, I am using Google Authenticator in joomla sites and Direct Admin panel.

Bermudez
Registered User
Posts: 147
Joined: Mon Aug 15, 2011 11:56 pm
Location: Spain
Name: Juan Antonio
Contact:

Re: Two factor authentication (2FA)

Post by Bermudez »

WelshPaul wrote:
Tue Sep 12, 2017 9:44 pm
Been using Two factor authentication (2FA) (Via extension) on my forum for a year or more now. I agree, it should be built in to phpBB as standard.
Please, Where can I find that extension?

Regards.

User avatar
warmweer
Jr. Extension Validator
Posts: 4466
Joined: Fri Jul 04, 2003 6:34 am
Location: Van Allen Bel ... gium

Re: Two factor authentication (2FA)

Post by warmweer »

Bermudez wrote:
Tue Feb 20, 2018 11:35 am
WelshPaul wrote:
Tue Sep 12, 2017 9:44 pm
Been using Two factor authentication (2FA) (Via extension) on my forum for a year or more now. I agree, it should be built in to phpBB as standard.
Please, Where can I find that extension?

Regards.
Did you search?
viewtopic.php?f=456&t=2341856
We should embrace problems, without which there wouldn't be any solutions.

Bermudez
Registered User
Posts: 147
Joined: Mon Aug 15, 2011 11:56 pm
Location: Spain
Name: Juan Antonio
Contact:

Re: Two factor authentication (2FA)

Post by Bermudez »

warmweer wrote:
Tue Feb 20, 2018 3:15 pm
Bermudez wrote:
Tue Feb 20, 2018 11:35 am
WelshPaul wrote:
Tue Sep 12, 2017 9:44 pm
Been using Two factor authentication (2FA) (Via extension) on my forum for a year or more now. I agree, it should be built in to phpBB as standard.
Please, Where can I find that extension?

Regards.
Did you search?
viewtopic.php?f=456&t=2341856
I think I hurried for ask before search.
Sorry and thanks.

User avatar
Scanialady
Registered User
Posts: 312
Joined: Thu Jan 17, 2013 7:09 pm
Location: Germany
Name: Annette
Contact:

Re: Two factor authentication (2FA)

Post by Scanialady »

david63 wrote:
Sat Sep 23, 2017 10:42 am
Don't have a problem with it as such, just as long as it is a user option.
...and if you are not forced to use a data octopus for it. What about the old school way to put in an Q&A or phone number or any kind of normal things we don't need Google, Facebook or NSA for?
Webseite, Blog, Wiki Deutsche Übersetzungen - german language files
My 2 cents: Whether an extension is in the CDB says nothing about its quality. It is more important to read the support topics for it. Better to avoid authors who do not answer support questions themselves, who do not update their stuff, and who do not fix bugs for years.

User avatar
tojag
Registered User
Posts: 408
Joined: Thu Aug 07, 2014 8:00 am
Location: Warsaw, Poland, EU
Name: Gregory

Re: Two factor authentication (2FA)

Post by tojag »

Starting from v.4.8, phpMyAdmin supports 2FA. I use it.
So, now I have 2FA in the Direct Admin Panel, phpMyAdmin, Joomla. Only phpBB remained in my system without this security :(

Tarantino
Registered User
Posts: 793
Joined: Sat Feb 18, 2012 1:51 pm
Contact:

Re: Two factor authentication (2FA)

Post by Tarantino »

I can agree this is a good idea, to have included or as extension. But either way it should have an option to trust the device for x time. So we're not obliged to always fill the TFA every time we logged in with our device that we trust.

User avatar
John connor
Registered User
Posts: 2528
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Two factor authentication (2FA)

Post by John connor »

I'd like the ability to use the one, really decent 2FA I use and that is Authy. I use Authy for everything and if SMS is the only option then I use that as well. SMS is not ideal, but better then nothing. But by in large, 99% of all the websites I use that offer 2FA I use Authy. I have the Authy App in my phone and computers. I even put Authy in a Windows 7 VMware image and wrote that image to Blu-ray. :ugeek:

Tarantino
Registered User
Posts: 793
Joined: Sat Feb 18, 2012 1:51 pm
Contact:

Re: Two factor authentication (2FA)

Post by Tarantino »

Well, Auhty or Google Authenticator is the same thing, the purpose is only to provide you the key.

I am using a 2FA solution and it works with Google Auth and Authy, only thing my solution needs is to be able to make the device trusted for x time.
Thats why I enforce that idea in the case this idea goes ahead. Because many users would ask the same. Orelse it is not "usable" at all for the day-joe-life

User avatar
tojag
Registered User
Posts: 408
Joined: Thu Aug 07, 2014 8:00 am
Location: Warsaw, Poland, EU
Name: Gregory

Re: Two factor authentication (2FA)

Post by tojag »

The PSD2 directive (for payments) has been operating in the EU for several months. 2FA is common, we meet it every day and everywhere, but not in phpbb :( It is sad. I can understand the lack of human resources in the phpbb community to accomplish this task or maybe the lack of knowledge but I don't understand avoiding the topic.

Post Reply

Return to “phpBB Ideas”