2fa (two-factor authentication) in Plone 6 options or plans?

Hello,
what is the current status of two-factor authentication (2FA or multi-factor authentication) with Plone 6?

What I have found out so far is

  • two-factor-auth-in-plone-6/14796 in February got referred to https://github.com/collective/collective.googleauthenticator but this is old (plone4 python2 last commit 2018).
  • community.plone.org/t/what-makes-plone-an-enterprise-cms-what-is-missing/14771/2 says that 2FA support was missing in February; there is a pointer towards github.com/castlecms/castle.cms for implementation ideas. So maybe github.com/castlecms/castle.cms/pull/365/files is an inspiration
  • There are proposals for the summer of code, Webauth (having a mentor) and OAuth (not having one). Both would offer 2FA possibilities.

As it is mentioned that 2FA is not possible out of the box, what is the currently best method to do it with add-ons?

Did not find an issue somewhere for developing 2FA, is there one already?

collective.googleauthenticator has a Plone 5.1 branch that has been worked on by community members. As the PAS system is mature and stable, my guesstimate is that it shouldn't be too much work getting this add-on upgraded to Python 3 and ready for Plone 6.

I'm not sure how much this is really tied to Google 2FA on the server, I can use their client apps interchangeably (MS, Google, third party apps)

@fredvd thanks for your estimation.

As far as I know Google Authenticator uses the standards TOTP (specified in RFC 6238) or HOTP (specified in RFC 4226), so any application supporting one of these standards should work.

I did a little work trying to get this to work with Plone 5.2. I did not manage to get anything to install anywhere, ref: Working buildout for collective.googleauthenticator?

I gave up (so I did not get the job)

I had it successfully running, but it was 2019 :slight_smile:

Now I do not have that buildout anymore, sorry :confused:

Does anyone have a solution, is currently working on or experimenting with 2FA with Plone 6 / Volto?

I read that it was a GSOC point proposed by @zopyx GSoC 2022 brainstorming - #43 by zopyx and later mentioned by @tiberiuichim in another post What makes Plone an enterprise CMS? What is missing?

My interest is more in 2FA based on TOTP/HOTP like Google Authenticator, rather than a physical device like Yubikey.

Thanks

Correct. I hope my student will be able to complete the task.

Have you checked GitHub - collective/collective.googleauthenticator: Two-step verification for Plone 4 using the Google Authenticator app. ?

BR,

thank you @zopyx if you/your student have something already published, I will be happy to take a look at it. And if it pleases / if needed, also do reviews.

@erral I knew about c.googleauthenticator, but I'm looking for something integrated in Volto.

Nothing to see so far

OK, thank you so much. As soon as you have any news, please let me know.