[Feature] Add 2FA to Admin Authentication #3695
Labels
admin
Issues related to the Admin portion
API
A new API is required
backlog
Ideas that might be cool and can be looked into later.
enhancement
New feature or request
go backend
Server-side code written in Go
Web frontend
Issues dealing with the web site
It would be a good security addition to add 2FA as an option, particularly WebAuthn, so that we can use security keys such as the YubiKey or Nitrokey. It would help mitigate attack methods, such as brute-force, from attackers accessing the admin settings. As far as I can tell, the username cannot be changed from "admin" so an attacker would probably only need to start guessing the password.
Resources:
The text was updated successfully, but these errors were encountered: