Extension:TwoFactorAuthentication
 Release status: beta |
|||
|---|---|---|---|
| Implementation | User identity, Special page, Database | ||
| Description | Two-factor authentication using TOTP (Google Authenticator). Simpler version of Extension:OATHAuth. | ||
| Author(s) | Parent5446talk | ||
| Last version | 0.2 (August 14, 2012) | ||
| MediaWiki | 1.20+ | ||
| PHP | 5.3+ | ||
| Database changes | yes | ||
| License | GPL 3 or later | ||
| Download | |||
|
|||
|
|||
| Check usage and version matrix | |||
| Bugs: list open list all report | |||
The TwoFactorAuthentication extension is an implementation of two-factor authentication for MediaWiki. The extension adds an additional field to the login form (and other authentication forms) that allows users to authenticate with a physical device, such as a phone with Google Authenticator, in addition to their password. Using two-factor authentication prevents account hijacking by requiring that an attacker have both the user's password AND one-time password device. This extension is actually a reduced version of Extension:OATHAuth, although only about half the code has been preserved.
Installation [edit]
- Download and extract the files in a directory called "
TwoFactorAuthentication" in your extensions/ folder. - Add the following code to your LocalSettings.php (at the bottom)
require_once( "$IP/extensions/TwoFactorAuthentication/TwoFactorAuthentication.php" );
Done – Navigate to "Special:Version" on your wiki to verify that the extension is successfully installed.
Configuration parameters [edit]
TwoFactorAuth has a few configuration variables. However, for most installations, the defaults will work just fine.
- $wgTwoFactorWindowSize
- The number of time, in seconds, that each one-time password is valid for. The default is 30 seconds.
- $wgTwoFactorWindowLeniency
- The radius of tokens to accept for authenticating. The default is 1, to allow for occasional differences in time synchronization. This number should generally not be increased for security reasons.
