1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Two-factor authentication — phpMyAdmin 4.8.5 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '4.8.5',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="copyright" title="Copyright" href="copyright.html" />
<link rel="top" title="phpMyAdmin 4.8.5 documentation" href="index.html" />
<link rel="up" title="User Guide" href="user.html" />
<link rel="next" title="Transformations" href="transformations.html" />
<link rel="prev" title="Configuring phpMyAdmin" href="settings.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="transformations.html" title="Transformations"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="settings.html" title="Configuring phpMyAdmin"
accesskey="P">previous</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">phpMyAdmin 4.8.5 documentation</a> »</li>
<li class="nav-item nav-item-1"><a href="user.html" accesskey="U">User Guide</a> »</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="two-factor-authentication">
<span id="fa"></span><h1>Two-factor authentication<a class="headerlink" href="#two-factor-authentication" title="Permalink to this headline">¶</a></h1>
<div class="versionadded">
<p><span class="versionmodified">New in version 4.8.0.</span></p>
</div>
<p>Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be
used when logging in. To use this, you first need to configure the
<a class="reference internal" href="setup.html#linked-tables"><span class="std std-ref">phpMyAdmin configuration storage</span></a>. Once this is done, every user can opt-in for second
authentication factor in the <span class="guilabel">Settings</span>.</p>
<p>When running phpMyAdmin from the Git source repository, the dependencies must be installed
manually; the typical way of doing so is with the command:</p>
<div class="highlight-sh"><div class="highlight"><pre><span></span>composer require pragmarx/google2fa bacon/bacon-qr-code
</pre></div>
</div>
<p>Or when using a hardware security key with FIDO U2F:</p>
<div class="highlight-sh"><div class="highlight"><pre><span></span>composer require samyoul/u2f-php-server
</pre></div>
</div>
<div class="section" id="authentication-application-2fa">
<h2>Authentication Application (2FA)<a class="headerlink" href="#authentication-application-2fa" title="Permalink to this headline">¶</a></h2>
<p>Using application for authentication is quite common approach based on HOTP and
<a class="reference external" href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm">TOTP</a>.
It is based on transmitting private key from phpMyAdmin to the authentication
application and the application is then able to generate one time codes based
on this key.</p>
<p>There are dozens of applications available for mobile phones to implement these
standards, the most widely used include:</p>
<ul class="simple">
<li><a class="reference external" href="https://freeotp.github.io/">FreeOTP for iOS, Android and Pebble</a></li>
<li><a class="reference external" href="https://authy.com/">Authy for iOS, Android, Chrome, OS X</a></li>
<li><a class="reference external" href="https://itunes.apple.com/us/app/google-authenticator/id388497605">Google Authenticator for iOS</a></li>
<li><a class="reference external" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Google Authenticator for Android</a></li>
<li><a class="reference external" href="https://lastpass.com/auth/">LastPass Authenticator for iOS, Android, OS X, Windows</a></li>
</ul>
</div>
<div class="section" id="hardware-security-key-fido-u2f">
<h2>Hardware Security Key (FIDO U2F)<a class="headerlink" href="#hardware-security-key-fido-u2f" title="Permalink to this headline">¶</a></h2>
<p>Using hardware tokens is considered to be more secure than software based
solution. phpMyAdmin supports <a class="reference external" href="https://en.wikipedia.org/wiki/Universal_2nd_Factor">FIDO U2F</a>
tokens.</p>
<p>There are several manufacturers of these tokens, for example:</p>
<ul class="simple">
<li><a class="reference external" href="https://www.yubico.com/solutions/fido-u2f/">youbico FIDO U2F Security Key</a></li>
<li><a class="reference external" href="https://www.hypersecu.com/products/hyperfido">HyperFIDO</a></li>
<li><a class="reference external" href="https://shop.trezor.io?a=572b241135e1">TREZOR Bitcoin wallet</a> can <a class="reference external" href="https://doc.satoshilabs.com/trezor-user/u2f.html">act as an U2F token</a></li>
</ul>
</div>
<div class="section" id="simple-two-factor-authentication">
<span id="simple2fa"></span><h2>Simple two-factor authentication<a class="headerlink" href="#simple-two-factor-authentication" title="Permalink to this headline">¶</a></h2>
<p>This authentication is included for testing and demostration purposes only as
it really does not provide two-factor authentication, it just asks user to confirm login by
clicking on the button.</p>
<p>It should not be used in the production and is disabled unless
<span class="target" id="index-0"></span><a class="reference internal" href="config.html#cfg_DBG_simple2fa"><code class="xref config config-option docutils literal"><span class="pre">$cfg['DBG']['simple2fa']</span></code></a> is set.</p>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<h3><a href="index.html">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">Two-factor authentication</a><ul>
<li><a class="reference internal" href="#authentication-application-2fa">Authentication Application (2FA)</a></li>
<li><a class="reference internal" href="#hardware-security-key-fido-u2f">Hardware Security Key (FIDO U2F)</a></li>
<li><a class="reference internal" href="#simple-two-factor-authentication">Simple two-factor authentication</a></li>
</ul>
</li>
</ul>
<h4>Previous topic</h4>
<p class="topless"><a href="settings.html"
title="previous chapter">Configuring phpMyAdmin</a></p>
<h4>Next topic</h4>
<p class="topless"><a href="transformations.html"
title="next chapter">Transformations</a></p>
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/two_factor.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<div><input type="text" name="q" /></div>
<div><input type="submit" value="Go" /></div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="transformations.html" title="Transformations"
>next</a> |</li>
<li class="right" >
<a href="settings.html" title="Configuring phpMyAdmin"
>previous</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">phpMyAdmin 4.8.5 documentation</a> »</li>
<li class="nav-item nav-item-1"><a href="user.html" >User Guide</a> »</li>
</ul>
</div>
<div class="footer" role="contentinfo">
© <a href="copyright.html">Copyright</a> 2012 - 2018, The phpMyAdmin devel team.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.4.9.
</div>
</body>
</html>