kanboard_ynh/sources/doc/2fa.markdown

Two factor authentication

Each user can enable the two factor authentication. After a successful login, a one-time code (6 characters) is asked to the user to allow the access to Kanboard.

This code have to be provided by a compatible software generally installed on your smartphone.

Kanboard use the Time-based One-time Password Algorithm defined in the RFC 6238.

There are many software compatible with the standard TOTP system. By example, you can use these free and open source applications:

• Google Authenticator (Android, iOS, Blackberry)
• FreeOTP (Android, iOS)
• OATH Toolkit (Command line utility on Unix/Linux)

This system can work offline and you don't necessary need to have a mobile phone.

Setup

1. Go to your user profile
2. On the left, click on Two factor authentication and check the box
3. A secret key is generated for you

• You have to save the secret key in your TOTP software. If you use a smartphone, the easiest solution is to scan the QR code with FreeOTP or Google Authenticator.
• Each time you will open a new session, a new code will be asked
• Don't forget to test your device before closing your session

A new secret key is generated each time you enable/disable this feature.