Open ThomasWaldmann opened 11 years ago
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).
see also issue #380 - maybe better?
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).
btw, it is important to also implement a switch to and away from 2fa, so not all users are required to use it (see how google and others handle it).
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).
a simple flask demo app for otp / 2factor
Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).
here is an existing implementation for wordpress:
http://wordpress.org/extend/plugins/google-authenticator/screenshots/
Original report by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).
The original report had attachments: flaskapp.py
add support for apps like google authenticator, use pyotp, oath or just some builtin code.
http://stackoverflow.com/questions/8529265/google-authenticator-implementation-in-python
maybe needs some additional code to generate qr code for the shared secret, e.g.:
https://github.com/lincolnloop/python-qrcode
see also the passlib issue about this:
http://code.google.com/p/passlib/issues/detail?id=44
Note: while not strictly required, it is useful to have a device that can scan a qrcode for this task. otherwise you have to somehow otherwise share the secret.