Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Add Two Factor Authentication #684
Please consider adding two factor authentication for logging into the dashboard. My suggestion would be to use Toopher.
Should be trivial to add, and would add a lot of security. For a dashboard where you can charge and pay people directly with the click of a button, two factor authentication seems like a must to me.
referenced this issue
Nov 15, 2013
@bjenkins24 what's the major benefit to adding Toopher?
I had a quick look at the Toopher website but can't quite see where the advantage is over Google Authenticator. According to their site I need to get in touch before I can start playing with it "Getting started with Toopher is easy! Sign up for our demo and wait for approval, or contact sales.".
My reasoning for suggesting Google Authenticator was that it's installed on my phone and I use it for AWS among others already. There's a few alternate suggestions on the balanced repo but none that have really stolen my heart.
The big benefit of Toopher is you don't have to actually do anything. You install it on your phone like you would with google authenticator. Once you register a device it uses your phone's GPS to see that it is you that is logging in. It's a one time thing (for each place you log in) and as long as you have your smart phone with you it authenticates automatically. So you get secure two factor authentication without taking your phone out of your pocket. The video on the site explains it pretty well I think:
Even LastPass started using it recently.
With Google Authenticator you have to put the code in each time. It's an extra step that makes logging in a hassle.
With my projects Toopher has been pretty good about getting me started pretty quickly once I contacted them.