Hello,
I'd like to add two-factor authentication to my Dadabik site. After consulting the manual (below), I found some information I don't fully understand. Is there a supplementary manual?
I'm already familiar with and use two-factor authentication with WordPress; it works fine: on one side, the Wordfence module is activated on the server, and on the other side, on my phone, the Google Authenticator app generates codes that I use for WordPress login.
In the specific context of Dadabik, how do I do this?
How do I configure it using all these terms from the manual: "API of qrsever.com", "$two_factor_auth_app_name) and the TOTP secret", "config parameters $encryption_key and $two_factor_auth_app_name", "parameter $show_2fa_secret_code_text"?
Is there a more detailed manual?
Sincerely
---------------current manual----------------------------
To generate the QR Code, the API of qrsever.com is used. When the QR Code is generated, the following information are sent to qrsever.com: the username of the user, the name of the app ($two_factor_auth_app_name) and the TOTP secret. Being an HTTP(s) call, other information (for example your IP address, your browser, your OS) could be potentially stored by qrsever.com.
Before starting to use 2FA, you need to set the config parameters $encryption_key and $two_factor_auth_app_name.
The config parameter $show_2fa_secret_code_text allows to set wheather to display the secret key as text in addition to the QR code during the user's first login. By default, this is set to 0 (disabled).
If you use HTTP API calls to login, you can still authenticate with uesrname+password only, even if 2FA is enabled for the user.
----------------current manual------------------------
I'd like to add two-factor authentication to my Dadabik site. After consulting the manual (below), I found some information I don't fully understand. Is there a supplementary manual?
I'm already familiar with and use two-factor authentication with WordPress; it works fine: on one side, the Wordfence module is activated on the server, and on the other side, on my phone, the Google Authenticator app generates codes that I use for WordPress login.
In the specific context of Dadabik, how do I do this?
How do I configure it using all these terms from the manual: "API of qrsever.com", "$two_factor_auth_app_name) and the TOTP secret", "config parameters $encryption_key and $two_factor_auth_app_name", "parameter $show_2fa_secret_code_text"?
Is there a more detailed manual?
Sincerely
---------------current manual----------------------------
To generate the QR Code, the API of qrsever.com is used. When the QR Code is generated, the following information are sent to qrsever.com: the username of the user, the name of the app ($two_factor_auth_app_name) and the TOTP secret. Being an HTTP(s) call, other information (for example your IP address, your browser, your OS) could be potentially stored by qrsever.com.
Before starting to use 2FA, you need to set the config parameters $encryption_key and $two_factor_auth_app_name.
The config parameter $show_2fa_secret_code_text allows to set wheather to display the secret key as text in addition to the QR code during the user's first login. By default, this is set to 0 (disabled).
If you use HTTP API calls to login, you can still authenticate with uesrname+password only, even if 2FA is enabled for the user.
----------------current manual------------------------
