Project

General

Profile

Actions
Copy link

Bug #104312

closed

TOTP MFA provider must support multiple devices

Added by Markus Klein 5 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2024-07-05
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

It is insufficient to only allow registering a single TOTP device.
Best usecase: yubikeys. One should have more than one key (backup).

Therefore it must be possible to register multiple TOTP devices.

Actions
Copy link
 #1

Updated by Markus Klein 5 months ago

  • Assignee deleted (Oliver Hader)
Actions
Copy link
 #2

Updated by Markus Klein 5 months ago ยท Edited

Possible workaround is to define a virtual service using the totp provider again:

Services.yaml


  second-totp:
    class: TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider
    tags:
      - name: mfa.provider
        identifier: 'totp2'
        title: 'TOTP (backup)'
        description: 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.description'
        setupInstructions: 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.setupInstructions'
        icon: 'actions-qrcode'
        defaultProviderAllowed: true
        before: 'recovery-codes'
        after: 'totp'

Actions
Copy link
 #3

Updated by Georg Ringer 4 months ago

  • Status changed from New to Closed

closing issue in favor of document how to fix it, cross post to github > https://github.com/TYPO3-Documentation/TYPO3CMS-Reference-CoreApi/issues/4648

Actions
Copy link

Also available in: Atom PDF