History: PluginTOTP
Source of version: 24
Copy to clipboard
New in ((Tiki22)) !!!What is Time-Based One-Time Password? A time-based one-time password __(TOTP)__ is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors. Time-based one-time passwords are commonly used for [https://doc.tiki.org/Two-factor-authentication|two-factor authentication] and have seen growing adoption by cloud application providers. In two-factor authentication scenarios, a user must enter a traditional, static password as well as a time-based one-time password to gain access to digital information or a computing system. Typically, the temporary passcode expires after 30, 60, 120 or 240 seconds. TOTP (Time-based One-time Password algorithm) is a different use case than ((Two-factor authentication)), which protects a Tiki instance. This permits to manage the key (instead of putting on a smartphone) to connect to another site (which may or many not be a Tiki) !!!Using PluginTOTP in Tiki! Let's suppose I am trying to connect to my Admin Dashboard, I begin by entering my username and password. Then I’m prompted for the TOTP, which I read off of the token and type into the third login field. Once I’ve done so, I’m logged in. ^((You need to act fast because these codes start expiring, which if I’m too slow, sometimes yields a login misfire and I need to try again with a fresher TOTP.)) ^ !!!!Step 1 : Activate pluginTOTP Go to Control Pannel, search TOTP, check the PluginTOTP preferences and Click Apply to save changes. {img src="display1829" link="display1829" width="700" rel="box[g]" imalign="center" alt="Search TOTP in control pannel to activate the plugin" desc="Click to expand" align="center" styleimage="border"} !!!!Step 2 : Configure pluginTOTP You need to setup a wiki login page with following input fields : ^ * Username Field * Password Field * TOTP Code Field ^ {CODE(caption="PluginTOTP CODE SNIPET" theme="default")}{totp secret="YOUR SECRET TOTP CODE" interval="INTERVAL IN SECONDS" issuer="YOUR ISSUER PAGE"}{CODE} If you want to use advanced options of the pluginTOTP, click at the Help button (at right corner of your wiki-page editor), search TOTP in PluginHelp tab. __~~#06F:You should now see something like this~~!__ {img src="display1830" link="display1830" width="700" rel="box[g]" imalign="center" alt="TOTP QR Code Scan procedure" desc="Click to expand" align="center" styleimage="border"} !!!! Step 3 : Authenticate Finally, when authenticating on page "Log In” (e.g. http://www.example.com/tiki-login_scr.php?totpForm), take the code generated by Google Authenticator® App and enter it in the __totpCode Field you recently created.__ Code: https://gitlab.com/tikiwiki/tiki/-/blob/master/lib/wiki-plugins/wikiplugin_totp.php See also : https://doc.tiki.org/tiki-editpage.php?page=Two-factor+authentication !!! PluginTOTP