Start9Labs / start-os

Open source Linux distro optimized for self-hosting
https://start9.com
MIT License

[feat]: 2FA Support for Login (TOTP) #1458

Open kn0wmad opened 2 years ago

kn0wmad commented 2 years ago

Prerequisites

Describe the Feature Request

Add the option for a second factor login requirement for the Embassy main login

Describe the Use Case

Additional security: if your password is compromised, access would still require a 2nd device to be compromised.

Describe Preferred Solution

Easiest would be TOTP support for apps such as andOTP, Aegis, etc.

Describe Alternatives

No response

Anything else?

No response

Blu-J commented 2 years ago

Well, would also like to point out that webauthn would be a good standard / alternative to totp. https://webauthn.guide/ https://blog.trezor.io/why-you-should-never-use-google-authenticator-again-e166d09d4324

kn0wmad commented 2 years ago

> Well, would also like to point out that webauthn would be a good standard / alternative to totp. https://webauthn.guide/ https://blog.trezor.io/why-you-should-never-use-google-authenticator-again-e166d09d4324

This does look generally better, thank you

chrisguida commented 2 years ago

oh slick, i forgot trezors can be used as u2f devices

k0gen commented 1 year ago

I used to be a heavy Authy user (now owned by Twilio) but now that I have Vaultwarden as server and Bitwarden as clients I have found myself migrating most of my essential 2FA sites to use TOTP from Bitwarden.

Anyways you might find this useful: Build Two-factor Authentication in Angular with Twilio Authy