[horde] multi-factor authentication

Bjoern Voigt bjoernv at arcor.de
Wed Mar 28 21:10:02 UTC 2018


Ralf Lang wrote:
> There are two options here:
>
> - Delegate authentication to an auth provider (shibboleth, saml, openid
> connect, etc) and let them worry about 2-factor implementation
> - Build a 2-factor driver for horde
>
> Both are somehow on my list, but no specific timeline can be given.
> However, I am more interested in open solutions like TOTP/HOTP.
> Though I use commercial RSA SecurId tokens in my daily work, I have
> absolutely no interest in building a direct interface to the server
> component.
I think, Nextcloud can be seen as a good example for implementing
2-factor authentication into a modularized PHP application.

The Nextcloud team built some 2-factor base functionality into the
Nextcloud core. For instance they implemented base classes, some
management commands (e.g. administrators can enable/disable 2-factor for
specific users) and management functions for app-passwords (Horde/IMP
may need them too e.g. for Activesync devices). A specific 2-factor
solution can be found in the Nextcloud apps/add-ons. Currently there are
some 2-factor apps available: https://apps.nextcloud.com/categories/security

Greetings,
Björn


More information about the horde mailing list