The PRIM site mentions two alternatives to Google Authenticator - andOTP (Android only) and freeOTP (Android and iOS): https://prism-break.org/en/all/#authentication Not sure how these would work on the server side with Koha, but just throwing it out there... David Nind David Nind | david.nind@gmail.com PO Box 12367, Thorndon, Wellington, New Zealand 6144 m. +64 21 0537 847 On 20 April 2018 at 05:52, Kyle Hall <kyle.m.hall@gmail.com> wrote:
There seems to be some interest in adding 2 factor authentication to Koha. We are trying to find out what would be the most practical and easiest way to implement 2fa for Koha combined with what would be most useful for libraries that would actually *use* 2fa.
The bug report filed for it is https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20476
Basically, at this point we've come up with two ideas: 1) Use Auth::GoogleAuthenticator 2) Use PrivacyIdea ( https://www.privacyidea.org/ )
Implementing GoogleAuthenticator would be much simpler I think. However, my thought is the same users that are concerned about 2fa are the same users that are concerned about privacy, and may not be interested in it simply because it means giving at least some data to Google.
PrivacyIdea on the other hand would be more work for both the developer and the system admin since it is a completely separate package that would require installation and maintenance independent of Koha itself. However, it is also much more powerful and can offer a myriad of 2FA options that GoogleAuthenticator cannot. On the developer side, OTRS which is also written in Perl has implemented and may or may not have something useful we can crib from it ( https://github.com/privacyidea/privacyidea/tree/master/authmodules/OTRS ).
So, what does everything think? If you want 2FA, would GoogleAuthenticator be a reasonable solution?
Kyle
http://www.kylehall.info ByWater Solutions ( http://bywatersolutions.com ) Meadville Public Library ( http://www.meadvillelibrary.org ) Crawford County Federated Library System ( http://www.ccfls.org ) _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz https://lists.katipo.co.nz/mailman/listinfo/koha