search

OrchardCMS / Orchard

Orchard is a free, open source, community-focused Content Management System built on the ASP.NET MVC platform.
https://orchardproject.net
BSD 3-Clause "New" or "Revised" License
2.37k stars 1.12k forks source link

U2F MFA support #7543

Open johnwason opened 7 years ago

johnwason commented 7 years ago

U2F seems to be a promising MFA technology that is gaining support. Are there any plans to add U2F support to Orchard logins?

sebastienros commented 7 years ago

I have no idea what it means to support it. If you think that could be provided as module please try to make one. Maybe the first step would be to support 2FA as implemented by ASP.NET Identity providers.

johnwason commented 7 years ago

I can develop the module, however I am not sure how to deal with the two-step authentication. U2F and other MFA technologies use a two step login. During this two-step login, the username and password is verified, and then a challenge page is sent to receive the second factor, whether it is a code or a U2F signature. The current "ValidateUser" command in "MembershipService" can only handle the one step authentication that accepts username and password pairs. I am hesitant to develop a module supporting U2F without knowing if there are any plans to modify this design.

sebastienros commented 7 years ago

Maybe this could be based on @ThaerAlAjlouni 's OpenId module (in dev branch) that include the ASP.NET IDentity authentication providers. I know they support 2FA.