Extension:TwoFactorAuthentication

From MediaWiki.org
TwoFactorAuthentication

Release status: beta

Implementation: User identity, Special page, Database
Description: Two-factor authentication using TOTP (Google Authenticator). Simpler version of Extension:OATHAuth.
Author(s): Parent5446
Latest version: 0.2 (August 14, 2012)
MediaWiki: 1.20+
PHP: 5.3+
Database changes: yes
License: GPL 3 or later
Parameters: $wgTwoFactorWindowSize, $wgTwoFactorWindowLeniency
Hooks used: AbortLogin, UserLoginForm, ChangePasswordForm, LoadExtensionSchemaUpdates, UnitTestsList


The TwoFactorAuthentication extension implements two-factor authentication for MediaWiki. It adds a field to the login form (and other authentication forms) that lets users authenticate with a physical device, such as a phone running Google Authenticator, in addition to their password. Two-factor authentication prevents account hijacking by requiring that an attacker have both the user's password and the user's one-time password device. This extension is a reduced version of Extension:OATHAuth, although only about half the code has been preserved.

Installation

  • Download and extract the files in a directory called TwoFactorAuthentication in your extensions/ folder. If you're a developer and this extension is in a Git repository, then instead you should clone the repository.
  • Add the following code at the bottom of your LocalSettings.php:

        require_once( "$IP/extensions/TwoFactorAuthentication/TwoFactorAuthentication.php" );

  • Run the update script which will automatically create the necessary database tables that this extension needs.
  • Done! Navigate to "Special:Version" on your wiki to verify that the extension is successfully installed.

Configuration parameters

TwoFactorAuth has a few configuration variables. However, for most installations, the defaults will work just fine.

$wgTwoFactorWindowSize
The length of time, in seconds, for which each one-time password is valid. The default is 30 seconds.
$wgTwoFactorWindowLeniency
The radius of tokens to accept for authenticating. The default is 1, to allow for occasional differences in time synchronization. This number should generally not be increased for security reasons.
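
As an added illustration (not the extension's own code), the PHP sketch below shows how the two settings bound which one-time passwords a TOTP verifier accepts. It assumes standard RFC 6238 TOTP with HMAC-SHA1 and 6 digits, and that the leniency counts windows on each side of the current one; the function names totpCode and verifyTotp are hypothetical.

```php
<?php
// Added illustration, not the extension's code. Assumes RFC 6238 TOTP
// (HMAC-SHA1, 6 digits) and leniency counted in windows on each side.

/** 6-digit code for one time-window counter (RFC 4226 truncation). */
function totpCode( $secret, $counter ) {
	// 8-byte big-endian counter; the high 32 bits are zero for real timestamps.
	$hash = hash_hmac( 'sha1', pack( 'N2', 0, $counter ), $secret, true );
	$offset = ord( $hash[19] ) & 0x0F;
	$part = unpack( 'N', substr( $hash, $offset, 4 ) );
	$value = ( $part[1] & 0x7FFFFFFF ) % 1000000;
	return str_pad( (string)$value, 6, '0', STR_PAD_LEFT );
}

/**
 * $windowSize and $leniency stand in for $wgTwoFactorWindowSize and
 * $wgTwoFactorWindowLeniency. Requires PHP 5.6+ for hash_equals().
 */
function verifyTotp( $secret, $submitted, $now, $windowSize = 30, $leniency = 1 ) {
	$current = (int)floor( $now / $windowSize );
	$ok = false;
	for ( $i = -$leniency; $i <= $leniency; $i++ ) {
		if ( $current + $i < 0 ) {
			continue; // no window before the epoch
		}
		// Constant-time compare, and no early exit on a match.
		if ( hash_equals( totpCode( $secret, $current + $i ), (string)$submitted ) ) {
			$ok = true;
		}
	}
	return $ok;
}

// Constructed demo: RFC 6238 test secret; "287082" is its code at t=59.
$secret = '12345678901234567890';
foreach ( array( 59, 89, 119 ) as $now ) {
	foreach ( array( 0, 1, 2 ) as $leniency ) {
		$ok = verifyTotp( $secret, '287082', $now, 30, $leniency );
		printf( "now=%3d leniency=%d accepted=%s\n", $now, $leniency, $ok ? 'yes' : 'no' );
	}
}
```

Under these assumptions a code remains acceptable for (2 × leniency + 1) × window size seconds, so the defaults give 90 seconds and each increment of the leniency adds another 60.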