hivewallet / hive-js

Hive digital currency wallet
http://www.hivewallet.com
GNU General Public License v2.0

Two-factor authentication #167

Closed weilu closed 9 years ago

ghost commented 10 years ago

How should we provide the second factor?

ghost commented 10 years ago

@w-hive Here is how I would see it.

A person enables 2FA in the settings menu. It generates a QR code, and they scan it and verify it. Then after some time the user logs out. Once they type in their PIN (and successfully log in), another page opens with a textbox. This is where they type in the code and submit. There should also be an option to remember this computer for 14 days since 2FA gets annoying sometimes. After they type in their 2FA code successfully, they can access Hive!

I'm not sure about the method of creating the codes, but according to Google Authenticator, there are two methods:

- One-time Password (HOTP) (https://tools.ietf.org/html/rfc4226)
- Time-based One-time Password (TOTP) (https://tools.ietf.org/html/rfc6238)

I know for a fact that the Authy app also supports both methods above, so any user should be able to use Google Authenticator and Authy, assuming they scan the QR code that was generated.

ghost commented 9 years ago

Closing for this version. Possible Hive 2.0 feature. @mattatgit