Bug #104312
openTOTP MFA provider must support multiple devices
Status: New
Priority: Must have
Assignee: -
Category: Security
Target version: -
Start date: 2024-07-05
Due date:
% Done: 0%
Estimated time:
TYPO3 Version: 11
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
It is insufficient to only allow registering a single TOTP device.
Best use case: YubiKeys. One should have more than one key (backup).
Therefore it must be possible to register multiple TOTP devices.
Updated by Markus Klein 22 days ago · Edited
A possible workaround is to define a virtual service using the TOTP provider again:
Services.yaml
# Service definition; goes under the top-level `services:` key
second-totp:
  class: TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider
  tags:
    - name: mfa.provider
      identifier: 'totp2'
      title: 'TOTP (backup)'
      description: 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.description'
      setupInstructions: 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.setupInstructions'
      icon: 'actions-qrcode'
      defaultProviderAllowed: true
      before: 'recovery-codes'
      after: 'totp'
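
What accepting several enrolled TOTP devices means on the verifying side, as an added sketch in Python (not TYPO3 code and not part of the original issue): each device has its own secret, and a submitted code is accepted if any enrolled secret produces it. The device names, the `verify_any_device` helper and the backup secret are constructed for illustration; the primary secret is the RFC 6238 test secret.

```python
import hashlib
import hmac
import struct


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing unix_time."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify_any_device(devices, submitted, unix_time, window=1, step=30):
    """Return the name of the enrolled device whose secret produced
    `submitted`, or None. Tolerates +/- `window` time steps of clock drift.

    `devices` maps a device label to its shared secret (hypothetical layout).
    """
    matched = None
    for name, secret in devices.items():
        for drift in range(-window, window + 1):
            t = unix_time + drift * step
            if t < 0:
                continue  # no time step before the Unix epoch
            candidate = totp(secret, t, step)
            # Constant-time comparison; the loop keeps running after a match
            # so response time does not depend on which device matched.
            if hmac.compare_digest(candidate.encode(), submitted.encode()):
                if matched is None:
                    matched = name
    return matched


# Constructed enrolment: one primary and one backup device per account.
DEVICES = {
    "primary-key": b"12345678901234567890",       # RFC 6238 test secret
    "backup-key": b"constructed-backup-secret",   # made up for this example
}

if __name__ == "__main__":
    code = totp(DEVICES["backup-key"], 59)
    print(verify_any_device(DEVICES, code, 59))
```

Returning the matching device label lets the login be logged per device, so a lost key can be identified and removed without touching the backup. A production verifier would also record the last accepted time step per device to reject replayed codes.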