Forum OpenACS Development: Two Factor Authentication

Collapse
Posted by Malte Sussdorff on
I was asked by a client to provide two factor authentication into OpenACS. My initial thought was to use keycloak, which has full identity management with it, but might be a little bit overkill for just enabling 2FA.

Alternatives I thought of:
* One Time Passwords
* Sign-In with Microsoft365 / Google / Apple / Face-- (okay, not that one).

The clients employees use Microsoft365, so for them it might be straight forward, but they work with Freelancers and the Customers have also direct access to the Application (which connects to OpenACS through REST), so therefore I need a "fallback" for those.

Long story short: Anybody already implemented something like this? Maybe in one of the .LRN implementations you have already 2FA for the students?

Collapse
Posted by Frank Bergmann on
Checkout:
http://www.project-open.com/en/package-intranet-otp
There is even a manual available! :-)

It was supposed to be premium and enterprise, but nobody asked for this so far. You can assume it's GPL V2 licensed.

Apart from that: TOTP seems to be the standard, with many open source autenticators for Android and iOs...

Cheers
Frank