A Flarum extension that increases security by adding TOTP two factor authentication
- To increase forum security
- As a user, go to your account settings page and follow the prompts to setup twofactor
- No admin options to configure
This extension requires a bit more setup. These steps are optional but will greatly increase the security of this plugin.
First install it with composer:
composer require issyrocks12/flarum-ext-twofactor
Then login and enable the extension.
If you have Apache, add these lines right after the "RewriteEngine on"
RewriteCond %{REQUEST_URI} ^/login
RewriteRule ^(.*)$ - [F,L]
If you have Nginx add these lines to your server block:
location ~ ^/login {
deny all;
}
Q: What does this do? A: This extension uses a custom login handler and therefore a different url to send the login request to. If someone changes the url back to the default they could bypass the twof factor auth.
- Requests?
- None known