You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@openmeetings.apache.org by "Maxim Solodovnik (Jira)" <ji...@apache.org> on 2022/12/22 05:37:00 UTC

[jira] [Created] (OPENMEETINGS-2755) 2 factor authentication

Maxim Solodovnik created OPENMEETINGS-2755:
----------------------------------------------

             Summary: 2 factor authentication
                 Key: OPENMEETINGS-2755
                 URL: https://issues.apache.org/jira/browse/OPENMEETINGS-2755
             Project: Openmeetings
          Issue Type: New Feature
          Components: Security
    Affects Versions: 6.3.0
            Reporter: Maxim Solodovnik
            Assignee: Maxim Solodovnik
             Fix For: 7.0.0


I would like to add a ticket to investigate and look into adding 2 factor authentication to OpenMeetings. As an optional feature, default would be turned off.

There are various libraries to achieve 2 factor auth. I would probably prefer using the Google Authenticator as a method since it seems the most widely adopted authenticator. 

In terms of turning it on/off I would add 2 flags:
 - On a per server basis a flag to generally turn 2 factor auth on or off
 - On a per individual account basis so you can turn 2 factor auth on/off for an individual user

This would not affect past installations.
This would not affect logging in via Soap/Rest.

I think this would be a good feature to improve security.


mail thread: https://lists.apache.org/thread/rt9c4ho7q1s6txm5lymfjhpz6qlzysgp



--
This message was sent by Atlassian Jira
(v8.20.10#820010)