Skip to content

Ability to use TOTP 2FA multi-factor authentication #360

Description

@nekohayo

Hello there, this is a security/safety feature suggestion: as the modern world is not as safe as it used to be, it would be desirable for BW's website to offer, the opt-in ability for users to require successful 2FA using the TOTP 2FA standard, on each login.

That technique/technology is generic and lets you use any independent authentication application (see the list of such applications).
For example, Aegis on an Android phone or GNOME's Authenticator on a laptop (or Linux phone), etc.

The idea is simple: during your travels, if someone steals (or borrows) the laptop you use to log into the web interface, they would not be able to log into the BW website without also having stolen and unlocked your second device that has the 2FA, or vice versa. Or they might have to go through more steps, at least.

As BW is kind of like a social network or online identity, it might be desirable to be able to protect it that way, for those who feel confident about using this type of added security.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions