Bookstack: Two-factor authentication
^
genxlee
All 14 comments
Do you use a specific 2 factor vendor? I know I have requested Okta or SSO support.
s0n-
on 22 Sep 2017
This is definitely needed, if it could be compatible with Google Authenticator that would be great.
adambirds
on 28 Sep 2017
Hi
2-factor with Google Authenticator is a great idea
Flemming-H
on 27 Sep 2018
Need it too!
lwl12
on 8 Dec 2018
Google auth (so it's compatible with authy) would be wonderful!
guenth
on 21 Dec 2018
Google auth (so it's compatible with authy) would be wonderful!
Actually, they are all based on TOTP, so just use this protocol and we can use it in many APPs~
lwl12
on 21 Dec 2018
This would be a great feature!
fourthdimension
on 7 Feb 2019
Google auth (so it's compatible with authy) would be wonderful!
Actually, they are all based on TOTP, so just use this protocol and we can use it in many APPs~
Definitely voting on TOTP implementation. This would be great enhancement to the security of the whole platform. And just think of all the popularity points project going to score with this implementation :-).
sputnik-devops
on 22 Sep 2019
Would definitely like to add my +1 to TOTP support
Cave-Johnson
on 22 Sep 2019
Came across this project recently, could this be implemented to deliver TOTP support?
Cave-Johnson
on 24 Oct 2019
Just to flesh this out a little further, What kind of controls would you want for 2FA? For example, would you want to force 2FA on all users? Let users decide? User-level control by admins? Something else?
Not looking for extra ideal, just want to know what you'd specifically want for your environment(s).
I'm assuming, for new users and for newly-admin-enabled-2fa users, we'd force a "Setup 2FA" step upon login?
We we need to implement a backup system? Or would an admin CLI command suffice to disable 2FA for system/specfiic-account suffice in scenarios where access is lost.
ssddanbrown
on 12 Mar 2020
Should be implemented system wide for all users. Let the admin decide to
enable or disable. Users would not have control over enabling or disabling.
It would be best to force setup of 2fa upon login. CLI command would
suffice where access is lost, for now.
Hope this helps to understand our environment better.
Dru
On Thu, Mar 12, 2020, 6:48 PM Dan Brown notifications@github.com wrote:
Just to flesh this out a little further, What kind of controls would you
want for 2FA? For example, would you want to force 2FA on all users? Let
users decide? User-level control by admins? Something else?Not looking for extra ideal, just want to know what you'd specifically
want for your environment(s).I'm assuming, for new users and for newly-admin-enabled-2fa users, we'd
force a "Setup 2FA" step upon login?We we need to implement a backup system? Or would an admin CLI command
suffice to disable 2FA for system/specfiic-account suffice in scenarios
where access is lost.—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/BookStackApp/BookStack/issues/516#issuecomment-598465723,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAGGONBTEXV7NEXZ5OAB4ILRHFRDBANCNFSM4D3QI3DQ
.
fourthdimension
on 13 Mar 2020
Thanks for the input @fourthdimension.
ssddanbrown
on 8 Apr 2020
Realized we have duplicate issues for this, Will close this off in favour of #1118. Although this was the original, #1118 has more up-votes to indicate user-need and therefore more likely to be looked at when choosing features to implement.
For any further comments, please add them to #1118.
ssddanbrown
on 8 Apr 2020
Related issues
Wookbert
·
3Comments
Abijeet
·
3Comments
hhk7734
·
3Comments
spacesven
·
3Comments
alex2702
·
3Comments
Most helpful comment
Actually, they are all based on TOTP, so just use this protocol and we can use it in many APPs~