Setting Up 2 Factor Authentication

Hi there,

I’m trying to integrate Google Authenticator into the login for admin process.

Found the login file and could add a field for it, but can’t seem to find the file for the validation / checking of the username and password for login.

Can someone point me towards the file please? Thanks!

1 Like

Have made some limited progress - integrated the fields and can test validity of secret and otp, but I’m still having difficulties trying to intercept the login process, i.e. before I get into the administrative area, I would like the function to verify that the secret and otp is correct as well.

Or to have “Continue” to redirect to 2FA page for further processing. Can’t find where to edit, unfortunately.

Have integrated PhpGangsta’s Google Authenticator library and basically, this works on its own.

Enabled auth module and that’s where I need to be, now just need to figure out how to condition the if/else properly.

1 Like

Hi @rayvolvez

Did you make any progress? I would like to implement Google Authenticator for the Admin Login, but I’m even struggling on where to start.

Any news on this topic? It would be great to have 2 Factor Authentification on phpList, we have lots of personal related date inside this system and it deserves a good protection :wink:

@rayvolvez Did you implement this as a plugin? There are plugin hooks related to authentication which should provide access to what you need to override the default handling.

Im sure that others would like to use 2FA with phpList as well.

@rayvolvez any update on this? We’d also like to use 2FA to secure our PII stored in phplist…

1 Like

@rayvolvez it looks like you’ve generated quite some interest - can you share the plug in with us? Whatever you’ve got could be useful.

1 Like

Hi @rayvolvez, any information on how to setup 2 factor for admins? You’d be really helping us out!

Any update on this topic in the meantime?