🌍
English
Announcement
- [2026-02-24] Piwigo 16.3.0 : security fixes and docker update
- [2025-12-30] Piwigo 16.2.0 : customize Standard Pages
- [2025-12-02] Piwigo 16.1.0 : better compatibility with old/new PHP versions
- [2025-11-24] Piwigo 16 : Standard pages, API keys, Docker image
- [2025-11-18] Piwigo 16.0.0RC3
#1 2023-11-12 18:18:28
- GJSchaller
- Member
- 2022-05-26
- 34
Feature Request - 2FA using 6-Digit Code
Hello, I am looking for a way to make my Piwigo more secure, and preventing bots and bad actors from trying to log into my Piwigo site.
A lot of other sites / apps I use have a 2FA / MFA setup, where you are given a code (either a string of characters, or a QR code), and you add it to an App on your phone, such as Google Authenticator, Duo, Authy, etc. When you try to log into your account, you are prompted to type in this code from your phone.
Can something like this be added to Piwigo, either as a core security feature, or a plugin? I did look for a pluging, but didn't see one that offered this functionality.
Thank you!
Offline
#2 2023-11-12 19:39:37
- k5
- Member
- 2017-11-05
- 70
Re: Feature Request - 2FA using 6-Digit Code
hello
https://piwigo.org/ext/extension_view.php?eid=933
for exemple
Offline
#4 2023-11-12 22:45:19
- erAck
- Only trying to help
- 2015-09-06
- 2234
Re: Feature Request - 2FA using 6-Digit Code
I think they more meant TOTP instead of some mailed verification code, but there doesn't seem to be such thing.
Running Piwigo at https://erack.net/gallery/
Offline
#5 2023-11-13 02:29:57
- GJSchaller
- Member
- 2022-05-26
- 34
Re: Feature Request - 2FA using 6-Digit Code
erAck - yes, exactly, thank you. My setup makes it tricky to send emails, so I prefer 2FA via TOTP. (That was the phrase I was looking for, thank you!)
Offline
#6 2023-11-13 11:37:46
- homdax
- Member
- Sweden
- 2015-02-02
- 321
Re: Feature Request - 2FA using 6-Digit Code
Mind you that MFA does not work on all themes, I have been testing some boostrap themes and is right now a showstopper since the available captcha solutions do not work on most, if not all, of those themes
Offline
#7 2024-06-25 23:01:51
- GJSchaller
- Member
- 2022-05-26
- 34
Re: Feature Request - 2FA using 6-Digit Code
Hello, still looking for support on this - would it be possible to implement TOTP for Piwigo?
Because my home ISP blocks port 25, I can't send emails from my home server reliably, and TOTP would make it easier to secure my site / account.
Last edited by GJSchaller (2024-06-25 23:02:22)
Offline
#8 2024-07-15 10:00:53
- SchuminWeb
- Member
- Maryland, USA
- 2024-02-20
- 27
Re: Feature Request - 2FA using 6-Digit Code
Set it up so that I can use Google Authenticator for 2FA, and you've got a winning combo.
Offline
#9 2025-11-24 08:05:37
- eh
- Member
- 2025-11-24
- 2
Re: Feature Request - 2FA using 6-Digit Code
When is Piwigo planning to introduce multi-factor authentication (via email or TOTP) and other password-guessing countermeasures for hosted galleries (xyz.piwigo.com)?
The lack of MFA being available significantly increases the likelihood of user account compromise and is highly problematic in 2025.
Offline
#10 2025-11-24 17:12:29
- Linty
- Piwigo Team
- 2023-11-03
- 58
Re: Feature Request - 2FA using 6-Digit Code
Hello eh,
Piwigo 16 arrives with a new 2FA plugin!
“An adventure between passion and logic.”
Offline
#11 2025-11-25 07:35:49
- eh
- Member
- 2025-11-24
- 2
Re: Feature Request - 2FA using 6-Digit Code
That's great to hear, thank you for letting me know!
Linty wrote:
Hello eh,
Piwigo 16 arrives with a new 2FA plugin!
Offline