Actions
Task #7089
closed[dynamicweb] Implement 2FA in dynamicweb with ungleich-otp
Start date:
08/26/2019
Due date:
% Done:
0%
Estimated time:
PM Check date:
Description
Here's Nico's idea to do it:
I was wondering
If we can write some javascript code
that stores the seed in the browser
actually...
the code is not that long
So we could even ask the user to save it
and while it is not perfectly secure, we could do the following:
user creates an account -> gets the seed displayed -> we save it in the browser
the user is also asked to save it as 2FA
when the user tries to login, we run some client side code
that generates the token from the seed
and only submits the token back to us
Actions