Hi Everyone, I want to add another layer of security to my app beyond username and password. I don't want to use SSO in this instance, but would prefer to use MFA Auth for a bit of flexibility. I'm trying to use the Emixa MFA module, but I haven't been able to find an implementation example that doesn't have some sizeable gaps or assumptions in it (including the official module documentation). I'm sure the module works well and it's purely a skills gap on my part, but can anyone point me at an idiot's guide to implementing this? Thanks in advance!
asked
David Service
1 answer
Install Emixa MFA, Encryption, and CommunityCommons modules.
Use the provided MFA_Activate and MFA_Verify pages for registration and verification.
Allow users to scan the QR code and save their TOTP (e.g., Google Authenticator).
After login, check if the user has MFA enabled.
If yes, redirect them to MFA_Verify.
If no, redirect to MFA_Activate or your normal homepage.
Use a boolean attribute like IsMfaVerified on the session or user entity.
Only show the main navigation if MFA is verified.
Add logic to reset IsMfaVerified = false on logout/login.
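The flow in the answer above, modelled in plain Python as an added example; it is not the Emixa module's code and not a Mendix microflow. The page names MFA_Activate and MFA_Verify and the IsMfaVerified flag come from the answer; the Session class, the function names, the mfa_secret key and the "Home" page are hypothetical, and the secret is the published RFC 6238 test key.

```python
import base64, hashlib, hmac, struct, time

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1), the scheme authenticator apps implement."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Session:
    """Hypothetical stand-in for the session entity holding IsMfaVerified."""
    def __init__(self, user):
        self.user = user
        self.is_mfa_verified = False             # every new login starts unverified

def after_login(user):
    """Run after username/password succeeded: pick the landing page."""
    page = "MFA_Verify" if user.get("mfa_secret") else "MFA_Activate"
    return Session(user), page

def verify(session, code, now=None, window=1):
    """Check the submitted code, tolerating +/- `window` time steps of clock drift."""
    now = time.time() if now is None else now
    if not (code.isascii() and code.isdigit() and len(code) == 6):
        return "MFA_Verify"
    secret = session.user["mfa_secret"]
    for drift in range(-window, window + 1):
        # compare_digest avoids leaking how many digits matched via timing
        if hmac.compare_digest(totp(secret, now + drift * 30), code):
            session.is_mfa_verified = True
            return "Home"
    return "MFA_Verify"

def can_show_navigation(session):
    """Main navigation is only rendered once the second factor has passed."""
    return session.is_mfa_verified

def logout(session):
    session.is_mfa_verified = False

# Constructed sample user; the secret is the RFC 6238 test key in base32.
SAMPLE_USER = {"name": "demo", "mfa_secret": "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"}
```

The flag lives on the session object here, so a second browser session for the same user must pass verification on its own.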