back to phpList.org

Setting Up 2 Factor Authentication


#1

Hi there,

I’m trying to integrate Google Authenticator into the login for admin process.

Found the login file and could add a field for it, but can’t seem to find the file for the validation / checking of the username and password for login.

Can someone point me towards the file please? Thanks!


#2

Have made some limited progress - integrated the fields and can test validity of secret and otp, but I’m still having difficulties trying to intercept the login process, i.e. before I get into the administrative area, I would like the function to verify that the secret and otp is correct as well.

Or to have “Continue” to redirect to 2FA page for further processing. Can’t find where to edit, unfortunately.

Have integrated PhpGangsta’s Google Authenticator library and basically, this works on its own.


#3

Enabled auth module and that’s where I need to be, now just need to figure out how to condition the if/else properly.


#4

Hi @rayvolvez

Did you make any progress? I would like to implement Google Authenticator for the Admin Login, but I’m even struggling on where to start.


#5

Any news on this topic? It would be great to have 2 Factor Authentification on phpList, we have lots of personal related date inside this system and it deserves a good protection :wink:


#6

@rayvolvez Did you implement this as a plugin? There are plugin hooks related to authentication which should provide access to what you need to override the default handling.

Im sure that others would like to use 2FA with phpList as well.