Two Factor Authentication
since build 256
Pimcore has an integrated two factor authentication using the Google Authenticator (Android, iOS)
User Setup
By default every user can enable or disable their two factor authentication freely in the profile settings. (Settings -> My Profile)
After enabling it a secret will be generated and you can setup your Google Authenticator App.
Please be aware if you don't setup the App properly you will loose access to your account!
After reloading you will be prompt to enter the verification code for the first time.
Admin Setup
It is also possible to force users to use two factor authentication. This can be done in the Users menu by checking 'Two Factor Authentication required'. (Settings -> Users / Roles -> Users)
If this is enabled the user will have to setup two factor authentication and cannot disable it anymore.
Config
If you want to change the default name / description that is displayed in the app you can do this by overwriting the following config:
scheb_two_factor:
google:
server_name: Pimcore # Server name used in QR code
issuer: Pimcore 2 Factor Authentication # Issuer name used in QR code