Hello, I am looking for a way to make my Piwigo more secure, and to prevent bots and bad actors from trying to log into my Piwigo site.
A lot of other sites / apps I use have a 2FA / MFA setup, where you are given a code (either a string of characters, or a QR code), and you add it to an App on your phone, such as Google Authenticator, Duo, Authy, etc. When you try to log into your account, you are prompted to type in this code from your phone.
Can something like this be added to Piwigo, either as a core security feature, or a plugin? I did look for a plugin, but didn't see one that offered this functionality.
Thank you!
Offline
hello
https://piwigo.org/ext/extension_view.php?eid=933
for example
Offline
I think they more meant TOTP instead of some mailed verification code, but there doesn't seem to be such a thing.
Offline
erAck - yes, exactly, thank you. My setup makes it tricky to send emails, so I prefer 2FA via TOTP. (That was the phrase I was looking for, thank you!)
Offline
Mind you that MFA does not work on all themes. I have been testing some Bootstrap themes, and it is right now a showstopper, since the available captcha solutions do not work on most, if not all, of those themes.
Offline
Hello, still looking for support on this - would it be possible to implement TOTP for Piwigo?
Because my home ISP blocks port 25, I can't send emails from my home server reliably, and TOTP would make it easier to secure my site / account.
Last edited by GJSchaller (2024-06-25 23:02:22)
Offline
Set it up so that I can use Google Authenticator for 2FA, and you've got a winning combo.
Offline
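For reference, an added example that is not part of the thread and is not Piwigo or plugin code: what the TOTP scheme requested above involves on the server side under RFC 6238, namely a shared secret handed to the authenticator app as an `otpauth://` URI (the QR code), and a verifier that tolerates one step of clock drift and rejects replayed codes. The function names, the `Piwigo` issuer string and the sample account are assumptions.

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote, urlencode

STEP = 30    # seconds per time step (RFC 6238 default)
DIGITS = 6   # code length used by common authenticator apps

def new_secret():
    """Random 160-bit shared secret, base32-encoded for manual entry or a QR code."""
    return base64.b32encode(secrets.token_bytes(20)).decode()

def provisioning_uri(secret_b32, account, issuer):
    """otpauth:// URI that an authenticator app reads from the enrolment QR code."""
    label = quote(f"{issuer}:{account}")
    query = urlencode({"secret": secret_b32, "issuer": issuer,
                       "digits": DIGITS, "period": STEP})
    return f"otpauth://totp/{label}?{query}"

def totp(secret_b32, at, digits=DIGITS):
    """RFC 6238 code for Unix time `at` (HMAC-SHA1 with RFC 4226 truncation)."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret_b32, code, last_step, now=None, drift=1):
    """Return the matched time step, or None if the code is wrong or reused.

    The caller stores the returned step per user and passes it back as
    last_step, so a code that was already accepted cannot be replayed.
    """
    now = time.time() if now is None else now
    current = int(now) // STEP
    matched = None
    for step in range(current - drift, current + drift + 1):
        expected = totp(secret_b32, step * STEP).encode()
        # Constant-time comparison; every candidate step is always checked.
        ok = hmac.compare_digest(expected, code.encode())
        if ok and step > last_step and matched is None:
            matched = step
    return matched

if __name__ == "__main__":
    secret = new_secret()  # generated at enrolment, stored server-side
    print(provisioning_uri(secret, "alice@example.org", "Piwigo"))
    print(verify(secret, totp(secret, time.time()), last_step=-1))
```

The verifier still needs attempt rate limiting around it, since a 6-digit code has only a million possible values.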