Two Factor Authentication?

Pat 3 years ago updated by Elouan 3 years ago 1

Hi - 

I have a concern, that if I am exposing a port to the internet from home, I would like to minimise hackers targeting that port for brute force attacks.

Has there been any consideration of implementing Two Factor Authentication (2FA) - rather than just a simple username/password.  Not fussed which 2FA method used, but maybe implementing TOTP via Google Authenticator might be the simplest route?

Alternatively, an admin option for automatically locking an account if there are multiple failed logins? (2FA preferred, but this option could be a potential workaround).



option for 2 factors identification for admin page would be good; 

i’m not so keen on 2 factor auth for users, as it complicates login but:

something to lock IP adresses after a few failed attempts  would be nice indeed