add support for two-factor / otp auth #333
Labels
Comments
|
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann). here is an existing implementation for wordpress: http://wordpress.org/extend/plugins/google-authenticator/screenshots/ |
|
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann). a simple flask demo app for otp / 2factor |
|
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann). btw, it is important to also implement a switch to and away from 2fa, so not all users are required to use it (see how google and others handle it). |
|
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann). see also issue #380 - maybe better? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Original report by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).
The original report had attachments: flaskapp.py
add support for apps like google authenticator, use pyotp, oath or just some builtin code.
http://stackoverflow.com/questions/8529265/google-authenticator-implementation-in-python
maybe needs some additional code to generate qr code for the shared secret, e.g.:
https://github.com/lincolnloop/python-qrcode
see also the passlib issue about this:
http://code.google.com/p/passlib/issues/detail?id=44
Note: while not strictly required, it is useful to have a device that can scan a qrcode for this task. otherwise you have to somehow otherwise share the secret.
The text was updated successfully, but these errors were encountered: