You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2024/01/03 03:03:00 UTC

[jira] [Resolved] (NIFI-6823) Investigate adding 2FA to NiFi

     [ https://issues.apache.org/jira/browse/NIFI-6823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann resolved NIFI-6823.
------------------------------------
      Assignee:     (was: Nathan Gough)
    Resolution: Won't Do

> Investigate adding 2FA to NiFi
> ------------------------------
>
>                 Key: NIFI-6823
>                 URL: https://issues.apache.org/jira/browse/NIFI-6823
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Security
>            Reporter: Nathan Gough
>            Priority: Major
>              Labels: 2fa, 2sv, authentication, security, two-factor
>
> It would be great to see two-factor authentication options added to NiFi. I believe there can be two solutions which can be investigated and added:
>  # External identity providers which offer 2FA/2SV (easy)
>  ## Allow a NiFi administrator to enforce 2SV for NiFi users
>  # A native solution (hard)
>  ## Will require some level of native user tracking to track shared keys per user for TOTP. Currently NiFi stores basically no details of users or their passwords.
>  ### Secure hashing of passwords using bcrypt/scrypt or some other password hashing mechanism
>  ## Uses an open source library to handle TOTP
>  ### Must allow users to initialize, enter and verify TOTP values



--
This message was sent by Atlassian Jira
(v8.20.10#820010)