[SOLVED]

2 factor auth question

10/28/2021 12:43:47 AM
PHPRunner General questions
MikeT author

(I should probably test it myself...)

I'm about to build another phpr application. The security requirements are 2 factor with TOTP (Google Authenticator), but no self registration for users.
So the admin will create users in the application. I did this before, with the required code to hash passwords after creation of users etc.

Question: is it possible to make TOTP required for users, and have them set it up once they receive the login (username & password) by another channel (phone, sms) from the admin?
In other words: if they go on the login page they'll be presented with the QR-code page after the first login.

thanks!

MikeT author 10/28/2021

OK, put my laziness aside and tested for myself: if you add a user as an admin as described in the scenario above, with TOTP 2-factor mandatory, the user is then presented with the login screen (username/password), and upon first login the screen with the QR code for the registration in the authenticator app shows.

In other words: works perfectly fine in this scenario with no additional code needed.