Server IP : 85.214.239.14 / Your IP : 18.222.161.119 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /var/www/wordpress/phpMyAdmin/doc/html/ |
Upload File : |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="X-UA-Compatible" content="IE=Edge" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Two-factor authentication — phpMyAdmin 5.0.2 documentation</title> <link rel="stylesheet" href="_static/classic.css" type="text/css" /> <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> <script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script> <script type="text/javascript" src="_static/jquery.js"></script> <script type="text/javascript" src="_static/underscore.js"></script> <script type="text/javascript" src="_static/doctools.js"></script> <script type="text/javascript" src="_static/language_data.js"></script> <link rel="index" title="Index" href="genindex.html" /> <link rel="search" title="Search" href="search.html" /> <link rel="copyright" title="Copyright" href="copyright.html" /> <link rel="next" title="Transformations" href="transformations.html" /> <link rel="prev" title="Configuring phpMyAdmin" href="settings.html" /> </head><body> <div class="related" role="navigation" aria-label="related navigation"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="genindex.html" title="General Index" accesskey="I">index</a></li> <li class="right" > <a href="transformations.html" title="Transformations" accesskey="N">next</a> |</li> <li class="right" > <a href="settings.html" title="Configuring phpMyAdmin" accesskey="P">previous</a> |</li> <li class="nav-item nav-item-0"><a href="index.html">phpMyAdmin 5.0.2 documentation</a> »</li> <li class="nav-item nav-item-1"><a href="user.html" accesskey="U">User Guide</a> »</li> </ul> </div> <div class="document"> <div class="documentwrapper"> <div class="bodywrapper"> <div class="body" role="main"> <div class="section" id="two-factor-authentication"> <span id="fa"></span><h1>Two-factor authentication<a class="headerlink" href="#two-factor-authentication" title="Permalink to this headline">¶</a></h1> <div class="versionadded"> <p><span class="versionmodified">New in version 4.8.0.</span></p> </div> <p>Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be used when logging in. To use this, you first need to configure the <a class="reference internal" href="setup.html#linked-tables"><span class="std std-ref">phpMyAdmin configuration storage</span></a>. Once this is done, every user can opt-in for the second authentication factor in the <span class="guilabel">Settings</span>.</p> <p>When running phpMyAdmin from the Git source repository, the dependencies must be installed manually; the typical way of doing so is with the command:</p> <div class="highlight-sh notranslate"><div class="highlight"><pre><span></span>composer require pragmarx/google2fa-qrcode </pre></div> </div> <p>Or when using a hardware security key with FIDO U2F:</p> <div class="highlight-sh notranslate"><div class="highlight"><pre><span></span>composer require samyoul/u2f-php-server </pre></div> </div> <div class="section" id="authentication-application-2fa"> <h2>Authentication Application (2FA)<a class="headerlink" href="#authentication-application-2fa" title="Permalink to this headline">¶</a></h2> <p>Using an application for authentication is a quite common approach based on HOTP and <a class="reference external" href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a>. It is based on transmitting a private key from phpMyAdmin to the authentication application and the application is then able to generate one time codes based on this key. The easiest way to enter the key in to the application from phpMyAdmin is through scanning a QR code.</p> <p>There are dozens of applications available for mobile phones to implement these standards, the most widely used include:</p> <ul class="simple"> <li><a class="reference external" href="https://freeotp.github.io/">FreeOTP for iOS, Android and Pebble</a></li> <li><a class="reference external" href="https://authy.com/">Authy for iOS, Android, Chrome, OS X</a></li> <li><a class="reference external" href="https://apps.apple.com/us/app/google-authenticator/id388497605">Google Authenticator for iOS</a></li> <li><a class="reference external" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Google Authenticator for Android</a></li> <li><a class="reference external" href="https://lastpass.com/auth/">LastPass Authenticator for iOS, Android, OS X, Windows</a></li> </ul> </div> <div class="section" id="hardware-security-key-fido-u2f"> <h2>Hardware Security Key (FIDO U2F)<a class="headerlink" href="#hardware-security-key-fido-u2f" title="Permalink to this headline">¶</a></h2> <p>Using hardware tokens is considered to be more secure than a software based solution. phpMyAdmin supports <a class="reference external" href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">FIDO U2F</a> tokens.</p> <p>There are several manufacturers of these tokens, for example:</p> <ul class="simple"> <li><a class="reference external" href="https://www.yubico.com/fido-u2f/">youbico FIDO U2F Security Key</a></li> <li><a class="reference external" href="https://www.hypersecu.com/tmp/products/hyperfido">HyperFIDO</a></li> <li><a class="reference external" href="https://trezor.io/?offer_id=12&aff_id=1592&source=phpmyadmin">Trezor Hardware Wallet</a> can act as an <a class="reference external" href="https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F">U2F token</a></li> <li><a class="reference external" href="https://www.dongleauth.info/dongles/">List of Two Factor Auth (2FA) Dongles</a></li> </ul> </div> <div class="section" id="simple-two-factor-authentication"> <span id="simple2fa"></span><h2>Simple two-factor authentication<a class="headerlink" href="#simple-two-factor-authentication" title="Permalink to this headline">¶</a></h2> <p>This authentication is included for testing and demonstration purposes only as it really does not provide two-factor authentication, it just asks the user to confirm login by clicking on the button.</p> <p>It should not be used in the production and is disabled unless <span class="target" id="index-0"></span><a class="reference internal" href="config.html#cfg_DBG_simple2fa"><code class="xref config config-option docutils literal notranslate"><span class="pre">$cfg['DBG']['simple2fa']</span></code></a> is set.</p> </div> </div> </div> </div> </div> <div class="sphinxsidebar" role="navigation" aria-label="main navigation"> <div class="sphinxsidebarwrapper"> <h3><a href="index.html">Table of Contents</a></h3> <ul> <li><a class="reference internal" href="#">Two-factor authentication</a><ul> <li><a class="reference internal" href="#authentication-application-2fa">Authentication Application (2FA)</a></li> <li><a class="reference internal" href="#hardware-security-key-fido-u2f">Hardware Security Key (FIDO U2F)</a></li> <li><a class="reference internal" href="#simple-two-factor-authentication">Simple two-factor authentication</a></li> </ul> </li> </ul> <h4>Previous topic</h4> <p class="topless"><a href="settings.html" title="previous chapter">Configuring phpMyAdmin</a></p> <h4>Next topic</h4> <p class="topless"><a href="transformations.html" title="next chapter">Transformations</a></p> <div role="note" aria-label="source link"> <h3>This Page</h3> <ul class="this-page-menu"> <li><a href="_sources/two_factor.rst.txt" rel="nofollow">Show Source</a></li> </ul> </div> <div id="searchbox" style="display: none" role="search"> <h3>Quick search</h3> <div class="searchformwrapper"> <form class="search" action="search.html" method="get"> <input type="text" name="q" /> <input type="submit" value="Go" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <div class="clearer"></div> </div> <div class="related" role="navigation" aria-label="related navigation"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="genindex.html" title="General Index" >index</a></li> <li class="right" > <a href="transformations.html" title="Transformations" >next</a> |</li> <li class="right" > <a href="settings.html" title="Configuring phpMyAdmin" >previous</a> |</li> <li class="nav-item nav-item-0"><a href="index.html">phpMyAdmin 5.0.2 documentation</a> »</li> <li class="nav-item nav-item-1"><a href="user.html" >User Guide</a> »</li> </ul> </div> <div class="footer" role="contentinfo"> © <a href="copyright.html">Copyright</a> 2012 - 2018, The phpMyAdmin devel team. Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.8.4. </div> </body> </html>