Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:2.1:secondfactor [2019/07/24 11:02]
maxbes [Second Factors]
documentation:2.1:secondfactor [2020/04/30 21:04] (current)
cmaudoux [Second Factors]
Line 7: Line 7:
  
 Since 2.0, LLNG provides some second factor plugins that can be used to complete authentication module with 2FA : Since 2.0, LLNG provides some second factor plugins that can be used to complete authentication module with 2FA :
 +  * [[utotp2f|U2F-or-TOTP]] //(enable both U2F and TOTP)//
 +  * [[totp2f|TOTP]] //(to use with [[https://​freeotp.github.io/​|FreeOTP]],​ [[https://​en.wikipedia.org/​wiki/​Google_Authenticator|Google-Authenticator]],​…)//​
   * [[u2f|U2F tokens]]   * [[u2f|U2F tokens]]
-  * [[totp2f|TOTP]] //(to use with [[https://​freeotp.github.io/​|FreeOTP]],​ [[https://​en.wikipedia.org/​wiki/​Google_Authenticator|Google-Authenticator]],​…)//​ 
-  * [[utotp2f|U2F-or-TOTP]] //(enable both U2F and TOTP)// 
   * [[yubikey2f|Yubikey tokens]] // provide by Yubico// ​   * [[yubikey2f|Yubikey tokens]] // provide by Yubico// ​
-  * [[rest2f|REST]] //(Remote REST app)// +  * [[mail2f|E-Mail 2F]] //(Send a code to an email address)// 
   * [[external2f|External 2F]] //(to call an external command)// ​   * [[external2f|External 2F]] //(to call an external command)// ​
-  * [[mail2f|E-Mail 2F]] //(Send a code to an email address)// +  * [[rest2f|REST]] //(Remote REST app)// 
 +  * [[radius2f|RADIUS]] //(Remote RADIUS server)//
  
 The E-Mail, External and REST 2F modules [[sfExtra|may be declared multiple times]] with different sets of parameters. The E-Mail, External and REST 2F modules [[sfExtra|may be declared multiple times]] with different sets of parameters.
Line 19: Line 20:
 <note tip>If you want to force a 2F registration on first login, you can use '​Require 2FA'. You can also use a rule to force 2FA registration only for some users.</​note>​ <note tip>If you want to force a 2F registration on first login, you can use '​Require 2FA'. You can also use a rule to force 2FA registration only for some users.</​note>​
 <note tip>You can display a message if an expired second factor has been removed by enabling '​Display a message if an expired SF is removed'​ option or setting a rule.</​note>​ <note tip>You can display a message if an expired second factor has been removed by enabling '​Display a message if an expired SF is removed'​ option or setting a rule.</​note>​
 +<note tip>Link to second factor Manager is automatically display if at least a SFA module is enabled. You can set a rule to display or not the link.</​note>​
 ===== Providing tokens from an external source ===== ===== Providing tokens from an external source =====