Two-factor authentication

New in version 4.8.0.

Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be used when logging in. To use this, you first need to configure the phpMyAdmin configuration storage. Once this is done, every user can opt in to the second authentication factor in the Settings.

When running phpMyAdmin from the Git source repository, the dependencies must be installed manually; the typical way of doing so is with the command:

composer require pragmarx/google2fa-qrcode

Or when using a hardware security key with FIDO U2F:

composer require samyoul/u2f-php-server

Authentication Application (2FA)

Using an application for authentication is quite a common approach, based on HOTP and TOTP. It works by transmitting a secret key from phpMyAdmin to the authentication application, which is then able to generate one-time codes based on this key. The easiest way to enter the key into the application from phpMyAdmin is by scanning a QR code.

There are dozens of applications available for mobile phones that implement these standards; the most widely used include:

Hardware Security Key (FIDO U2F)

Using hardware tokens is considered to be more secure than a software-based solution. phpMyAdmin supports FIDO U2F tokens.

There are several manufacturers of these tokens, for example:

Simple two-factor authentication

This authentication is included for testing and demonstration purposes only, as it does not really provide two-factor authentication; it just asks the user to confirm the login by clicking a button.

It should not be used in production and is disabled unless $cfg['DBG']['simple2fa'] is set.
