Two Factor Authentication

Adds an extra layer of security to the October CMS backend.

Back to Two Factor Authentication Support

neilcarpenter
neilcarpenter

Is it possible to configure this plugin to force 2FA with every login?

VDLP
VDLP

Can you add more context to your question?

If the session has been expired the user needs to login. See session.lifetime for the session lifetime.

Please note that the configuration parameter backend.force_remember should be false. If this is true the backend login will be remembered for 5 (!) years.

neilcarpenter
neilcarpenter

I have some users that have configured 2FA, and when they log in, they're not being asked to enter a 2FA code.

Is this normal behaviour if backend.force_remember is true?

It's strange because I have logged myself out manually, and I still get asked for 2FA.

1-3 of 3