
History: PluginTOTP

Source of version: 47 (current)

            New in ((Tiki22))
!PluginTOTP

!!!What is Time-Based One-Time Password?
A time-based one-time password __(TOTP)__ is a temporary passcode generated by an algorithm that uses the current time of day as one of its inputs. Time-based one-time passwords are commonly used for ((Two-factor authentication)) and have seen growing adoption by cloud application providers. TOTPs are derived from a secret seed given at user registration, either as a QR code or in plaintext. TOTPs (and their seeds) are deployed either on hardware security tokens or as soft tokens, meaning mobile device apps that display the numbers. Typically, the temporary passcode expires after 30, 60, 120 or 240 seconds.

PluginTOTP (Time-based One-time Password algorithm) covers a different use case than ((Two-factor authentication)), which protects a Tiki instance. The plugin lets you manage the key in Tiki (instead of putting it on a smartphone) in order to connect to another site (which may or may not be a Tiki).
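How a code is derived from the seed and the clock, as an added example that is not Tiki's own code. It assumes the RFC 6238 defaults of HMAC-SHA1 and 6 digits (this page does not state them), checks the secret against the 16-character A-Z/2-7 rule given under Step 2, and uses hypothetical function names and a constructed sample secret.

```python
import base64
import hashlib
import hmac
import re
import struct

# Secret format stated on this page: 16 characters, A-Z and 2-7 (base32).
SECRET_RE = re.compile(r"[A-Z2-7]{16}")


def valid_secret(secret: str) -> bool:
    """True if the secret matches the 16-character base32 rule."""
    return SECRET_RE.fullmatch(secret) is not None


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: str, now: float, interval: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP keyed by the seed, counter = elapsed time steps."""
    if not valid_secret(secret):
        raise ValueError("secret must be 16 characters of A-Z and 2-7")
    key = base64.b32decode(secret)  # 16 base32 characters -> 10 key bytes
    return hotp(key, int(now) // interval, digits)


def seconds_left(now: float, interval: int = 30) -> int:
    """Seconds until the code for the current time step expires."""
    return interval - int(now) % interval


if __name__ == "__main__":
    import time
    demo_secret = "JBSWY3DPEHPK3PXP"  # constructed sample, not a real key
    t = time.time()
    print(totp(demo_secret, t), "valid for", seconds_left(t), "more seconds")
```

Both sides must use the same secret, interval and a reasonably synchronized clock, otherwise they compute different time steps and the codes will not match.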

!!! Using PluginTOTP in Tiki!
Suppose I am trying to connect to my Admin Dashboard. I begin by entering my username and password. Then I’m prompted for the TOTP, which I read off the token and type into the third login field. Once I’ve done so, I’m logged in.

!!! Parameters
{pluginmanager plugin="totp"}
!!!! Step 1 : Activate pluginTOTP
Go to the Control Panel, search for TOTP, check the PluginTOTP preferences and click Apply to save changes.

{img src="display1829" link="display1829" rel="box[g]" imalign="center" alt="Search TOTP in control panel to activate the plugin" desc="Click to expand" align="center" styleimage="border"}

!!!! Step 2 : Configure pluginTOTP
You need to set up a wiki login page with the following input fields:
^
* Username Field
* Password Field
* TOTP Code Field
^
{REMARKSBOX(type=tip title=Tip)} {CODE(theme="default")}{totp secret="YOUR SECRET TOTP CODE" interval="INTERVAL IN SECONDS" issuer="YOUR ISSUER PAGE"}{CODE} 
The secret key must be 16 characters long and contain only uppercase letters A-Z and digits 2-7, otherwise it will not generate the QR code. If you don't know the secret, you can leave it blank and Tiki will generate a secret for you.
If you want to use the advanced options of PluginTOTP, click the {img src=img/icons/help.png }Help button (at the right corner of your wiki-page editor) and search for TOTP in the PluginHelp tab.{REMARKSBOX}

~~#060:__You should now see something like this__~~
{img src="tiki-download_wiki_attachment.php?attId=195" link="tiki-download_wiki_attachment.php?attId=195" rel="box[g]" imalign="center" alt="TOTP QR Code Scan procedure" desc="Click to expand" align="center" styleimage="border"}

!!!! Step 3 : Authenticate 
Finally, when authenticating on the "Log In" page (e.g. http://www.example.com/tiki-login_scr.php?totpForm), take the code generated by your TOTP app (Google Authenticator® App or other) and enter it in the __totpCode field you recently created__, then click to log in.
^~~#F00:You need to act fast because these codes expire. If you're too slow, the login sometimes misfires and you need to try again with a fresher TOTP.~~^

See also :
((Two-factor authentication))