yii2-usuario/docs/helpful-guides/how-to-implement-two-factor-auth.md

How to Implement Two-Factor Auth

Two-Factor Authentication products add an additional layer of security. Typically, users are asked to prove their identity by providing simple credentials such as an email address and a password. A second factor (2F) adds an extra layer of unauthorized access protection by prompting the user to provide an additional means of authentication such as a physical token (e.g. a card) or an additional secret that only they know.

With this module is quite easy. It basically implements two-factor authentication using the following 2amigos libraries:

• 2amigos/2fa-library
• 2amigos/qrcode-library

Enable Two-Factor

We simply need to enable two factor authentication:

'modules' => [
    'user' => [
        'class' => Da\User\Module::class,
        'enableTwoFactorAuthentication' => true
    ]
]

Now, when the user go to its settings via user/settings, it will display the option to enable two-factor authentication or not.

When enabled, the module will show a modal with a QrCode that has to be scanned by the Google Authenticator App (Recommended. You can download from Google Play or iTunes).

The application will display a code that needs to be inserted into the modal input box. If code verification goes well, it will enable the two-factor for the user.

If a user has enabled the two-factor, and after successfully login via username and email, it will render a new section where user will have to enter the code displayed on its Google Authenticator App in order to complete with the login process.

Recommended Reading

• 2amigos Two-Factor Library Docshttp://2fa-library.readthedocs.io/en/latest/)

© 2amigos 2013-2017