Uploaded image for project: 'ZABBIX FEATURE REQUESTS'
  1. ZABBIX FEATURE REQUESTS
  2. ZBXNEXT-4966

Provide support for RFC 6238 Time-based One-time Password Algorithm (OATH-TOTP)

    Details

    • Type: New Feature Request
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.0.3
    • Fix Version/s: None
    • Component/s: Frontend (F)
    • Environment:
      Debian9 amd64

      Description

      Due to many password and security breaches in the last years, account security has become one of the top priorities for every web platform that provides sensitive data. Nearly all big players have implemented OATH-TOTP by scanning a QR Code with your smartphone, which can then be used with Google Authenticator or Authy for example:

      • Wordpress
      • TeamViewer
      • Electronic Arts / Origin
      • Ubisoft Uplay
      • GitHub
      • Discord
      • Reddit
      • Kanboard
      • Nintendo Account
      • Slack
      • Seafile
      • Google
      • Twitter
      • any many many more

      As a IT service provider, we provide our Zabbix Frontend public available via Apache HTTPS, so customers have Read-Only access to all their data. To further secure the frontend, Two Factor Authentication is a must in the year 2019 imho.

      Further information: https://en.wikipedia.org/wiki/Google_Authenticator

        Attachments

          Activity

            People

            • Assignee:
              vjaceslavs Vjaceslavs Bogdanovs
              Reporter:
              starko Marco Hofmann
            • Votes:
              2 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated: