[Koha] Koha and 2 factor authentication

Chris Cormack chrisc at catalyst.net.nz
Fri Apr 20 07:39:00 NZST 2018


Hey Kyle

You already guessed my response, google authenticator would be ok, as a choice. But not the ideal option.
We ideally will support something that can handle things like yubikey as well.

So ok for Google as an option but not the only option, ie a system that supports other systems as well as authenticator 

Chris 

On 20 April 2018 5:52:42 AM NZST, Kyle Hall <kyle.m.hall at gmail.com> wrote:
>There seems to be some interest in adding 2 factor authentication to
>Koha.
>We are trying to find out what would be the most practical and easiest
>way
>to implement 2fa for Koha combined with what would be most useful for
>libraries that would actually *use* 2fa.
>
>The bug report filed for it is
>https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20476
>
>Basically, at this point we've come up with two ideas:
>1) Use Auth::GoogleAuthenticator
>2) Use PrivacyIdea ( https://www.privacyidea.org/ )
>
>Implementing GoogleAuthenticator would be much simpler I think.
>However, my
>thought is the same users that are concerned about 2fa are the same
>users
>that are concerned about privacy, and may not be interested in it
>simply
>because it means giving at least some data to Google.
>
>PrivacyIdea on the other hand would be more work for both the developer
>and
>the system admin since it is a completely separate package that would
>require installation and maintenance independent of Koha itself.
>However,
>it is also much more powerful and can offer a myriad of 2FA options
>that
>GoogleAuthenticator cannot. On the developer side, OTRS which is also
>written in Perl has implemented and may or may not have something
>useful we
>can crib from it (
>https://github.com/privacyidea/privacyidea/tree/master/authmodules/OTRS
>).
>
>So, what does everything think? If you want 2FA, would
>GoogleAuthenticator
>be a reasonable solution?
>
>Kyle
>
>
>http://www.kylehall.info
>ByWater Solutions ( http://bywatersolutions.com )
>Meadville Public Library ( http://www.meadvillelibrary.org )
>Crawford County Federated Library System ( http://www.ccfls.org )
>_______________________________________________
>Koha mailing list  http://koha-community.org
>Koha at lists.katipo.co.nz
>https://lists.katipo.co.nz/mailman/listinfo/koha

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.


More information about the Koha mailing list