Project

General

Custom queries



Profile

Actions

Feature #1237

closed

Add support for two-factor authentication

Added by Sam McCoy over 16 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Accounts / authentication
Target version:
Start date:
2008-05-14
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed

Description

Please add support for a one time password service, such as Yubikey, and add the ability to authenticate against a two-factor authentication system (as in RSA SecurID).


Files

0002-2-factor-authentication-disabled-enabled-required.patch (13.8 KB) 0002-2-factor-authentication-disabled-enabled-required.patch Felix Schäfer, 2018-01-02 18:42
0001-2-factor-authentication-using-TOTP.patch (30 KB) 0001-2-factor-authentication-using-TOTP.patch Felix Schäfer, 2018-01-02 18:42
0003-Backup-codes-for-2-factor-authentication.patch (18.8 KB) 0003-Backup-codes-for-2-factor-authentication.patch Felix Schäfer, 2018-01-02 18:42
2fa-setting@2x.png (55.4 KB) 2fa-setting@2x.png Go MAEDA, 2018-01-04 07:30
2fa-my-account@2x.png (45.5 KB) 2fa-my-account@2x.png Go MAEDA, 2018-01-04 07:34
2fa-enabling@2x.png (26.1 KB) 2fa-enabling@2x.png Go MAEDA, 2018-01-04 07:35
2fa-enter-auth-code@2x.png (15.4 KB) 2fa-enter-auth-code@2x.png Go MAEDA, 2018-01-04 07:39
ja-translation-2fa.diff (4.21 KB) ja-translation-2fa.diff Go MAEDA, 2018-01-29 05:19
0001-2-factor-authentication-using-TOTP.patch (27.6 KB) 0001-2-factor-authentication-using-TOTP.patch Felix Schäfer, 2019-08-14 13:04
0001-adds-two-factor-authentication-support.patch (3.14 KB) 0001-adds-two-factor-authentication-support.patch Jens Krämer, 2019-08-17 15:46
0002-adds-a-setting-to-disable-enable-require-2fa-auth.patch (3.15 KB) 0002-adds-a-setting-to-disable-enable-require-2fa-auth.patch Jens Krämer, 2019-08-17 15:46
0003-backup-codes-for-2fa-auth.patch (3.13 KB) 0003-backup-codes-for-2fa-auth.patch Jens Krämer, 2019-08-17 15:46
0004-adds-integration-test-for-totp-two-factor-auth.patch (3.15 KB) 0004-adds-integration-test-for-totp-two-factor-auth.patch Jens Krämer, 2019-08-17 15:46
0002-adds-a-setting-to-disable-enable-require-2fa-auth.patch (13.8 KB) 0002-adds-a-setting-to-disable-enable-require-2fa-auth.patch Jens Krämer, 2019-08-17 16:05
0001-adds-two-factor-authentication-support.patch (30.4 KB) 0001-adds-two-factor-authentication-support.patch Jens Krämer, 2019-08-17 16:05
0004-adds-integration-test-for-totp-two-factor-auth.patch (4.83 KB) 0004-adds-integration-test-for-totp-two-factor-auth.patch Jens Krämer, 2019-08-17 16:05
0003-backup-codes-for-2fa-auth.patch (18.9 KB) 0003-backup-codes-for-2fa-auth.patch Jens Krämer, 2019-08-17 16:05
0001-adds-two-factor-authentication-support.patch (30.8 KB) 0001-adds-two-factor-authentication-support.patch Jens Krämer, 2019-08-20 08:43
0001-Adds-two-factor-authentication-support-1237.patch (34.5 KB) 0001-Adds-two-factor-authentication-support-1237.patch Go MAEDA, 2020-08-26 18:22
0002-Adds-a-setting-to-disable-enable-require-2fa-auth-12.patch (13.9 KB) 0002-Adds-a-setting-to-disable-enable-require-2fa-auth-12.patch Go MAEDA, 2020-08-26 18:22
0003-Backup-codes-for-2fa-auth-1237.patch (20.6 KB) 0003-Backup-codes-for-2fa-auth-1237.patch Go MAEDA, 2020-08-26 18:22
0004-Integration-test-for-2fa-auth-1237.patch (5.74 KB) 0004-Integration-test-for-2fa-auth-1237.patch Go MAEDA, 2020-08-26 18:22

Related issues

Related to Redmine - Feature #699: OpenID loginClosedEric Davis2008-02-20

Actions
Related to Redmine - Defect #33925: ArgumentError in lib/redmine/twofa/base.rb after updating a source file in development modeClosedGo MAEDA

Actions
Related to Redmine - Patch #33929: Encrypt / decrypt TOTP secret keys with `rake db:encrypt` / `rake db:decrypt`ClosedGo MAEDA

Actions
Related to Redmine - Defect #33932: Can't view "My account" page when 2fa is setting to optionalClosedGo MAEDA

Actions
Related to Redmine - Defect #34233: otpauth uri should include a login id, not an email addressClosedGo MAEDA

Actions
Related to Redmine - Defect #34234: Use Setting.host_name instead of Setting.app_title as TOTP issuer to avoid name collision with other instances or appsClosedGo MAEDA

Actions
Related to Redmine - Feature #34241: Include twofa_scheme (two-factor scheme) column when exporting users to CSVClosedGo MAEDA

Actions
Related to Redmine - Feature #34495: Don't show "Two-factor authentication" on new user formClosedGo MAEDA

Actions
Related to Redmine - Defect #34618: Cannot sign in when both enabling two-factor authentication and changing password are requiredClosedGo MAEDA

Actions
Related to Redmine - Feature #34070: Allow setting a grace period when forcing 2FANewMarius BĂLTEANU

Actions
Related to Redmine - Patch #35372: Better presentation for 2FA recovery codesClosedGo MAEDA

Actions
Related to Redmine - Feature #35001: Disable API authentication with username and password when two-factor authentication is enabled for the userClosedMarius BĂLTEANU

Actions
Related to Redmine - Feature #35086: Please consider changing the way how 2FA is set upClosed

Actions
Related to Redmine - Feature #35439: Option to require 2FA only for users with administration rightsClosedMarius BĂLTEANU

Actions
Related to Redmine - Defect #35417: User sessions not reset after 2FA activationClosedGo MAEDA

Actions
Related to Redmine - Feature #35934: Show 2FA status in users list from administration with option to filterClosedMarius BĂLTEANU

Actions
Blocks Redmine - Feature #31920: Require 2FA only for certain user groupsClosedMarius BĂLTEANU

Actions
#2

Updated by Etienne Massip over 13 years ago

  • Category set to Accounts / authentication
#9

Updated by Felix Schäfer about 7 years ago

#10

Updated by Jan from Planio www.plan.io about 7 years ago

  • Target version set to Candidate for next major release
#11

Updated by Jan from Planio www.plan.io about 7 years ago

  • Tracker changed from Feature to Patch
  • Status changed from New to Needs feedback
#12

Updated by Go MAEDA about 7 years ago

#13

Updated by Go MAEDA almost 7 years ago

  • Target version changed from Candidate for next major release to 4.1.0
#15

Updated by Go MAEDA almost 7 years ago

  • File ja-translation-2fa.diff added
#16

Updated by Go MAEDA almost 7 years ago

#17

Updated by Go MAEDA almost 7 years ago

  • File deleted (ja-translation-2fa.diff)
#20

Updated by Go MAEDA over 5 years ago

  • Target version changed from 4.1.0 to 4.2.0
#21

Updated by Felix Schäfer over 5 years ago

#23

Updated by Jens Krämer over 5 years ago

#27

Updated by Go MAEDA over 5 years ago

  • Blocks Feature #31920: Require 2FA only for certain user groups added
#28

Updated by Jens Krämer over 5 years ago

#29

Updated by Go MAEDA over 5 years ago

  • File 0001-adds-two-factor-authentication-support-r18547.patch added
  • File 0002-adds-a-setting-to-disable-enable-require-2fa-auth-r18547.patch added
#30

Updated by Go MAEDA over 5 years ago

  • Status changed from Needs feedback to New
  • Assignee set to Jean-Philippe Lang
  • Target version changed from 4.2.0 to 4.1.0
#32

Updated by Marius BĂLTEANU over 5 years ago

  • Assignee changed from Jean-Philippe Lang to Go MAEDA
  • Target version changed from 4.1.0 to 4.2.0
#33

Updated by Go MAEDA over 5 years ago

  • File 0001-adds-two-factor-authentication-support-r18593.patch added
  • File 0002-adds-a-setting-to-disable-enable-require-2fa-auth-r18593.patch added
  • File 0003-backup-codes-for-2fa-auth-r18593.patch added
  • File 0004-adds-integration-test-for-totp-two-factor-auth-r18593.patch added
  • Subject changed from Add support for one time passwords or two-factor authentication to Add support for two-factor authentication
  • Target version changed from 4.2.0 to 4.1.0
#35

Updated by Go MAEDA about 5 years ago

  • File 0001-adds-two-factor-authentication-support-r18640.patch added
  • Assignee changed from Go MAEDA to Jean-Philippe Lang
#36

Updated by Go MAEDA about 5 years ago

  • File deleted (0001-adds-two-factor-authentication-support-r18640.patch)
#37

Updated by Go MAEDA about 5 years ago

  • File deleted (0001-adds-two-factor-authentication-support-r18593.patch)
#38

Updated by Go MAEDA about 5 years ago

  • File deleted (0001-adds-two-factor-authentication-support-r18547.patch)
#39

Updated by Go MAEDA about 5 years ago

  • File deleted (0002-adds-a-setting-to-disable-enable-require-2fa-auth-r18547.patch)
#40

Updated by Go MAEDA about 5 years ago

  • File 0001-adds-two-factor-authentication-support-r18859.patch added
#41

Updated by Jean-Philippe Lang about 5 years ago

  • Target version changed from 4.1.0 to 5.0.0
#42

Updated by Go MAEDA about 5 years ago

  • Target version changed from 5.0.0 to 4.2.0
#44

Updated by Go MAEDA over 4 years ago

  • File deleted (0001-adds-two-factor-authentication-support-r18859.patch)
#45

Updated by Go MAEDA over 4 years ago

  • File deleted (0004-adds-integration-test-for-totp-two-factor-auth-r18593.patch)
#46

Updated by Go MAEDA over 4 years ago

  • File deleted (0003-backup-codes-for-2fa-auth-r18593.patch)
#47

Updated by Go MAEDA over 4 years ago

  • File deleted (0002-adds-a-setting-to-disable-enable-require-2fa-auth-r18593.patch)
#50

Updated by Go MAEDA over 4 years ago

  • Tracker changed from Patch to Feature
  • Status changed from New to Closed
  • Resolution set to Fixed
#51

Updated by Go MAEDA over 4 years ago

  • Related to Defect #33925: ArgumentError in lib/redmine/twofa/base.rb after updating a source file in development mode added
#52

Updated by Go MAEDA over 4 years ago

  • Related to Patch #33929: Encrypt / decrypt TOTP secret keys with `rake db:encrypt` / `rake db:decrypt` added
#53

Updated by Go MAEDA over 4 years ago

  • Related to Defect #33932: Can't view "My account" page when 2fa is setting to optional added
#54

Updated by Go MAEDA about 4 years ago

  • Related to Defect #34233: otpauth uri should include a login id, not an email address added
#55

Updated by Go MAEDA about 4 years ago

  • Related to Defect #34234: Use Setting.host_name instead of Setting.app_title as TOTP issuer to avoid name collision with other instances or apps added
#56

Updated by Go MAEDA about 4 years ago

  • Related to Feature #34241: Include twofa_scheme (two-factor scheme) column when exporting users to CSV added
#57

Updated by Go MAEDA about 4 years ago

  • Related to Feature #34495: Don't show "Two-factor authentication" on new user form added
#58

Updated by Go MAEDA almost 4 years ago

  • Related to Defect #34618: Cannot sign in when both enabling two-factor authentication and changing password are required added
#59

Updated by Marius BĂLTEANU over 3 years ago

  • Related to Feature #34070: Allow setting a grace period when forcing 2FA added
#60

Updated by Marius BĂLTEANU over 3 years ago

  • Related to Patch #35372: Better presentation for 2FA recovery codes added
#61

Updated by Marius BĂLTEANU over 3 years ago

  • Related to Feature #35001: Disable API authentication with username and password when two-factor authentication is enabled for the user added
#62

Updated by Marius BĂLTEANU over 3 years ago

  • Related to Feature #35086: Please consider changing the way how 2FA is set up added
#63

Updated by Marius BĂLTEANU over 3 years ago

  • Related to Feature #35439: Option to require 2FA only for users with administration rights added
#64

Updated by Marius BĂLTEANU over 3 years ago

  • Related to Defect #35417: User sessions not reset after 2FA activation added
#65

Updated by Marius BĂLTEANU about 3 years ago

  • Related to Feature #35934: Show 2FA status in users list from administration with option to filter added
Actions

Also available in: Atom PDF