[Koha] Koha and 2 factor authentication

Mark Tompsett mtompset at hotmail.com
Fri Apr 20 07:30:09 NZST 2018 

Greetings,

2 Factor Authentication is a great idea. Google Authenticator would be nice. 
That does work for a majority of the organization(s) I work with.
However, since they are spread all over the world, some places have Google 
blocked or limited. As such, perhaps the latter is better.

GPML,
Mark Tompsett

-----Original Message----- 
From: Kyle Hall
Sent: Thursday, April 19, 2018 1:52 PM
To: Koha
Subject: [Koha] Koha and 2 factor authentication

There seems to be some interest in adding 2 factor authentication to Koha.
We are trying to find out what would be the most practical and easiest way
to implement 2fa for Koha combined with what would be most useful for
libraries that would actually *use* 2fa.

The bug report filed for it is
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20476

Basically, at this point we've come up with two ideas:
1) Use Auth::GoogleAuthenticator
2) Use PrivacyIdea ( https://www.privacyidea.org/ )

Implementing GoogleAuthenticator would be much simpler I think. However, my
thought is the same users that are concerned about 2fa are the same users
that are concerned about privacy, and may not be interested in it simply
because it means giving at least some data to Google.

PrivacyIdea on the other hand would be more work for both the developer and
the system admin since it is a completely separate package that would
require installation and maintenance independent of Koha itself. However,
it is also much more powerful and can offer a myriad of 2FA options that
GoogleAuthenticator cannot. On the developer side, OTRS which is also
written in Perl has implemented and may or may not have something useful we
can crib from it (
https://github.com/privacyidea/privacyidea/tree/master/authmodules/OTRS ).

So, what does everything think? If you want 2FA, would GoogleAuthenticator
be a reasonable solution?

Kyle


http://www.kylehall.info
ByWater Solutions ( http://bywatersolutions.com )
Meadville Public Library ( http://www.meadvillelibrary.org )
Crawford County Federated Library System ( http://www.ccfls.org )
_______________________________________________
Koha mailing list  http://koha-community.org
Koha at lists.katipo.co.nz
https://lists.katipo.co.nz/mailman/listinfo/koha

More information about the Koha mailing list