Security - MFA Integration

Hello,

TL;DR: Are you interested in this feature? Do you have any insights about Gladys Plus to share with me?

Before I start development, I’d like us to discuss it, get validation, and gather any possible information on the implementation (I haven’t yet dug into Gladys’s authentication part, and even less into its interfacing with Gladys Plus, which I don’t know).

In order to secure accounts, I propose adding the ability, at the user profile level, to enable MFA. The idea is simple: from their profile the user can scan a QR code with their preferred Authenticator, and on login, after entering their username/password, they should enter the corresponding TOTP. Simple and effective.

Motivation: I’m looking to strengthen the security of Gladys instances, especially for those who expose their Gladys to the Internet. Yes, it’s an advanced usage scenario and doesn’t concern everyone, but in that situation I want to increase the system’s security.

@pierre-gilles your opinion?

I don’t have any particular problem with the TOTP/QR code/MFA principle. Plugging into the authentication process: by diving into the code I think I’ll figure it out.
My main question is about Gladys Plus. I have no knowledge of that product, nor of how it handles authentication relative to the Gladys instance it manages and how this MFA would intervene. Maybe, depending on how it’s architected, I don’t need to worry about that? Does Gladys Plus have its own authentication method?

Let’s discuss!

1 Like

Hi @Sescandell 🙂

We already have MFA on Gladys Plus using TOTP (which is mandatory). We could add MFA on the local instance, but that might be a bit overkill for an instance that’s not supposed to be on the internet (I don’t recommend it in any case).

That said, why not! I don’t think it would have an impact on Gladys Plus, but it’s worth testing anyway!

1 Like

Hello,

I haven’t revisited this topic. After a short exchange with Pierre-Gilles, I completely put this dev work aside. Not that it’s not desired, but it’s apparently not a priority (the simplest recommended approach for remote access to Glad

2 Likes