Bug #104312

open

TOTP MFA provider must support multiple devices

Added by Markus Klein 22 days ago. Updated 22 days ago.

Status:
New
Priority:
Must have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2024-07-05
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

It is insufficient to only allow registering a single TOTP device.
Best use case: YubiKeys. One should have more than one key (backup).

Therefore it must be possible to register multiple TOTP devices.

Actions #1

Updated by Markus Klein 22 days ago

  • Assignee deleted (Oliver Hader)
Actions #2

Updated by Markus Klein 22 days ago · Edited

Possible workaround is to define a virtual service using the totp provider again:

Services.yaml

services:
  second-totp:
    class: TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider
    tags:
      - name: mfa.provider
        identifier: 'totp2'
        title: 'TOTP (backup)'
        description: 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.description'
        setupInstructions: 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.setupInstructions'
        icon: 'actions-qrcode'
        defaultProviderAllowed: true
        before: 'recovery-codes'
        after: 'totp'
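
Added example (not part of the ticket and not TYPO3 code): a provider that supports several TOTP devices has to check a submitted code against every enrolled secret and keep replay state per device. This Python sketch does that with RFC 6238 TOTP; the device names, the `verify_any` helper and the backup secret are assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from typing import Optional

STEP = 30  # seconds per time step (RFC 6238 default)


def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 6238 TOTP value (HMAC-SHA1) for one time-step counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_any(devices: dict, code: str, now: int, window: int = 1) -> Optional[str]:
    """Return the name of the enrolled device that produced `code`, else None.

    `devices` maps a device name to {"secret": bytes, "last_counter": int}.
    The accepted counter is stored per device so a code cannot be replayed.
    """
    current = now // STEP
    matched = None
    for name, dev in devices.items():
        for counter in range(current - window, current + window + 1):
            if counter <= dev["last_counter"]:
                continue  # this step was already used on this device
            # Constant-time comparison; keep scanning all devices instead of
            # returning on the first hit.
            candidate = totp(dev["secret"], counter)
            if hmac.compare_digest(candidate, code) and matched is None:
                matched = (name, counter)
    if matched is None:
        return None
    devices[matched[0]]["last_counter"] = matched[1]
    return matched[0]


# Constructed sample enrollment: the first secret is the RFC 6238 test key,
# the second is made up for this example.
DEVICES = {
    "primary": {"secret": b"12345678901234567890", "last_counter": -1},
    "backup": {"secret": b"constructed-backup-k", "last_counter": -1},
}
```

Losing one device then only requires removing its entry; the remaining device keeps working with its own secret and replay counter.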
