From 04d6d5ca99ebfd1cebb8ce06618fb3811fc1a8aa Mon Sep 17 00:00:00 2001
From: Charles <sircharlesaze@gmail.com>
Date: Thu, 9 Jan 2020 10:55:03 +0100
Subject: phpmyadmin working

---
 srcs/phpmyadmin/doc/html/_sources/two_factor.txt | 69 ++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 srcs/phpmyadmin/doc/html/_sources/two_factor.txt

(limited to 'srcs/phpmyadmin/doc/html/_sources/two_factor.txt')

diff --git a/srcs/phpmyadmin/doc/html/_sources/two_factor.txt b/srcs/phpmyadmin/doc/html/_sources/two_factor.txt
new file mode 100644
index 0000000..0b5c1ed
--- /dev/null
+++ b/srcs/phpmyadmin/doc/html/_sources/two_factor.txt
@@ -0,0 +1,69 @@
+.. _2fa:
+
+Two-factor authentication
+=========================
+
+.. versionadded:: 4.8.0
+
+Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be
+used when logging in. To use this, you first need to configure the
+:ref:`linked-tables`. Once this is done, every user can opt-in for the second
+authentication factor in the :guilabel:`Settings`.
+
+When running phpMyAdmin from the Git source repository, the dependencies must be installed
+manually; the typical way of doing so is with the command:
+
+.. code-block:: sh
+
+    composer require pragmarx/google2fa-qrcode
+
+Or when using a hardware security key with FIDO U2F:
+
+.. code-block:: sh
+
+    composer require samyoul/u2f-php-server
+
+Authentication Application (2FA)
+--------------------------------
+
+Using an application for authentication is a quite common approach based on HOTP and
+`TOTP <https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm>`_.
+It is based on transmitting a private key from phpMyAdmin to the authentication
+application and the application is then able to generate one time codes based
+on this key. The easiest way to enter the key in to the application from phpMyAdmin is
+through scanning a QR code.
+
+There are dozens of applications available for mobile phones to implement these
+standards, the most widely used include:
+
+* `FreeOTP for iOS, Android and Pebble <https://freeotp.github.io/>`_
+* `Authy for iOS, Android, Chrome, OS X <https://authy.com/>`_
+* `Google Authenticator for iOS <https://apps.apple.com/us/app/google-authenticator/id388497605>`_
+* `Google Authenticator for Android <https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2>`_
+* `LastPass Authenticator for iOS, Android, OS X, Windows <https://lastpass.com/auth/>`_
+
+Hardware Security Key (FIDO U2F)
+--------------------------------
+
+Using hardware tokens is considered to be more secure than a software based
+solution. phpMyAdmin supports `FIDO U2F <https://en.wikipedia.org/wiki/Universal_2nd_Factor>`_
+tokens.
+
+There are several manufacturers of these tokens, for example:
+
+* `youbico FIDO U2F Security Key <https://www.yubico.com/fido-u2f/>`_
+* `HyperFIDO <https://www.hypersecu.com/tmp/products/hyperfido>`_
+* `Trezor Hardware Wallet <https://trezor.io/?offer_id=12&aff_id=1592&source=phpmyadmin>`_ can act as an `U2F token <https://wiki.trezor.io/User_manual:Two-factor_Authentication_with_U2F>`_
+* `List of Two Factor Auth (2FA) Dongles <https://www.dongleauth.info/dongles/>`_
+
+.. _simple2fa:
+
+Simple two-factor authentication
+--------------------------------
+
+This authentication is included for testing and demonstration purposes only as
+it really does not provide two-factor authentication, it just asks the user to confirm login by
+clicking on the button.
+
+It should not be used in the production and is disabled unless
+:config:option:`$cfg['DBG']['simple2fa']` is set.
-- 
cgit