Two step authentication with Google Authenticator

Re: Two step authentication with Google Authenticator

by James McLean -
Number of replies: 7

I've completed the planned improvements:

  • Self setup/management of 2fa
  • Implementation of 10 emergency tokens, provided in clear text only when the user sets up their own a2fa via the above method
  • Set a single browser as trusted (Option not available when using an emergency token)
  • Events for all steps of the enable/disable/setup process so appropriate listeners can be setup later.

No tests as yet, typically smile

Still planning on posting the changes to github at some point. Hopefully have the time for that in the next month or so.

Average of ratings: -
In reply to James McLean

Re: Two step authentication with Google Authenticator

by pro-web at -

Hi James,


your plugin looks very promissing! great work!

did you have time for posting it to github already?

I would like to know, how you did the 2 step form authentification and how about possible security issues with that.

Average of ratings: -
In reply to James McLean

Re: Two step authentication with Google Authenticator

by Andreas Riepl -

Hello James, for a project we are sorting out possibilites of 2fa - is there any way we can look at the code to see if this would fit in for us? You mentioned github. Do you have plans to release it there in the near future?

Regards

Andreas

Average of ratings: -
In reply to Andreas Riepl

Re: Two step authentication with Google Authenticator

by James McLean -

Thanks for your interest Andreas.

I'm currently seeking approval from our security team to release the code - I will respond once I have heard back from them.

Average of ratings: -
In reply to James McLean

Re: Two step authentication with Google Authenticator

by Adib Masumian -

Hi James,

Did you ever hear back from your security team? We're looking for a solid 2FA solution on our Moodle site, and are hoping that your code might hold the key.

Thanks!

Average of ratings: -
In reply to Adib Masumian

Re: Two step authentication with Google Authenticator

by James McLean -

I never did unfortunately, and due to other priorities I wasn't able to chase it up. I have just completed a major task that has taken all my time for the past few months, so I might be able to follow up on this with the security team again this week. I'll let you know how I go. 

I really would like to get this out there as it works very very well and I'm actually quite proud of the modifications I made to make this work properly, but the decision is out of my hands unfortunately.

Average of ratings: -
In reply to James McLean

Re: Two step authentication with Google Authenticator

by Sven Laudel -

Hello James,


i just want to ask if there is any progress to that topic?


Best regards

Sven

Average of ratings: -
In reply to Sven Laudel

Re: Two step authentication with Google Authenticator

by Sven Laudel -

Hello James,


maybe you  missed my question. Did you make any progress on publishing your changes to moodle?

I really would like to implement 2 step authentication in our installation.


Best regards

Sven

Average of ratings: -