Kirby admin panel with Google 2FA (2-Step / two factor) authenticator


#1

Was looking around and did not found any topics about additional security for Kirby admin panel authentication.
Problem, that client wants additional security (actually good request) - Google 2FA (2-Step or two factor authenticator) for Kirby admin panel.
Currently Im looking at this lib: https://github.com/PHPGangsta/GoogleAuthenticator
And also looking on to this tutorial: https://www.spaceotechnologies.com/google-two-factor-authentication-tutorial-php/
Currently Im planing in /admin/panel/app/controllers/auth.php implement one of mentioned solutions.
Thing that confuses me - that in existing examples there are mentioned QR codes, but I do not need them - after entering user/pass in Kirby admin login I want next screen for entering authentication number which is shown in Google authenticator. And only after correct number user would be forwarded to Kirby admin panel.
Any advice or tip would be greatly appreciated.


#2

Don’t know if you are aware of this plugin: https://github.com/pedroborges/kirby-authenticator, maybe it helps.


#3

Was not aware of this plugin, thank You! Although its beta and does not have much features will look in to it, looks promising. From first look - it also has QR code, which I want to omit.


#4

The plugin looks promising, but has no changes for 6 month… not good.

@Bristolscript_ The QR Code is only for registration, to initialize the authentication app. Do you want to type im the random start-code instead?