Force 2FA for Administration

[zolthan]

Hi @runelaenen ,

do you think it's possible to force backend users to use the 2FA before using the rest of the administration? We have a customer whose admin users have to use the 2FA. Currently it is optional to use the 2FA and the users normally use the easy way without 2FA.

I could think of a message on login on the right side in the message center, or a forced redirect to the profile where the 2FA can be configured.

What do you mean?

Best
Sebastian

[zolthan]

Hi @runelaenen
do you plan to implement this feature in the near future? One of our customers has a policy that 2FA has to be used by admin users. Currently only a few of them are using it as they are not forced to use it.
Best
Sebastian

[runelaenen]

Hello @zolthan

Thank you for reaching out. While I understand the importance of the mandatory 2FA feature for your customer's policy, I currently don't have the bandwidth to implement it myself.
However, I welcome contributions from the open source community and encourage anyone interested in adding this feature to create a pull request. I would be happy to review and merge it once it meets the project's standards and requirements.

[zolthan]

Hi Rune,That’s why I wrote. I will have a look if we can improve it ourselves and contribute. I just needed to know if it’s in your pipe.

[zolthan]

Hi @runelaenen ,

we created this feature as a patch for our current version 1.1.2 we are running in the shop. Unfortunately it makes no sense to create a pull request for an old version. Maybe you can apply the patches to the current version so it will be available for the future 6.5 updates.

I hope it helps you.

Best, Sebastian

force2fa_id_js.patch
force2fa.patch

[zolthan]

Hi @runelaenen ,
did you look into our patches? Could you please add the feature to the plugin? Our customers who have Backend-2FA are using it mandatory. So no Backend-User can login without first going through the 2FA process.
Best
Sebastian