
Creating and configuring 2FAS account

In order to use Two Factor Authentication you need to create an account in 2FAS, and configure it with your authentication mobile app.

This bundle provides a few console commands to manage your 2FAS account and store it in the database.

This is a global configuration that allows you to connect to the external API and to enable or disable the second factor globally. Each user can only configure their own secret key to enable the second factor on their own account.

Global configuration

Step 1: Create encryption key

All sensitive data stored in 2FAS is encrypted, so it has to be encrypted before it is sent. Some of the data in your database must also be encrypted. This bundle does it for you, but you need to create your own encryption key and store it in your config.yml.

To do this open a command console, enter your project directory and execute the following command:

# Symfony 2.8
$ php app/console twofas:create-encryption-key

# Symfony 3.x
$ php bin/console twofas:create-encryption-key

The command prints the encryption key to the console, so you have to copy it and paste it into your config.yml under two_fas_two_factor.encryption_key.

We recommend that you keep it in parameters.yml (and update your parameters.yml.dist file).
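The layout below is an added example, not taken from the bundle's documentation, showing one way to follow this recommendation: the key lives in parameters.yml and config.yml only references it. The parameter name twofas_encryption_key and the app/config paths are assumptions based on the standard Symfony 2.8/3.x directory layout.

```yaml
# app/config/parameters.yml
# Environment-specific file, typically kept out of version control.
# The parameter name "twofas_encryption_key" is an assumption for this example.
parameters:
    twofas_encryption_key: "<key printed by twofas:create-encryption-key>"

---
# app/config/parameters.yml.dist
# Committed template: declares the parameter without a real value so that
# every environment is prompted to supply its own key.
parameters:
    twofas_encryption_key: ~

---
# app/config/config.yml
# The bundle reads the key from two_fas_two_factor.encryption_key;
# here it is resolved from the parameter instead of being written inline.
two_fas_two_factor:
    encryption_key: "%twofas_encryption_key%"
```

Keep a backup of the key outside the repository: data the bundle has already encrypted in your database cannot be read with a different key.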

Step 2: Create an account

To create a 2FAS account, run the following command and follow the instructions:

# Symfony 2.8
$ php app/console twofas:create-account

# Symfony 3.x
$ php bin/console twofas:create-account

Note

If you already have an account (e.g. you created it on our website), you need to provide your password. If you don't have an account, a password is automatically generated for you.

Step 3: Add an account in your mobile app

  1. Log in to your website and go to "/2fas/index". This is a simple dashboard to show and manage your settings.

  2. Click "Configure" under the TOTP channel.

  3. Follow the instructions on the configure page.

Step 4: Enable Two Factor Authentication

To enable the second factor, go to the console and run the command:

# Symfony 2.8
$ php app/console twofas:enable

# Symfony 3.x
$ php bin/console twofas:enable

That's it! You can log out now and try to log in again.

After entering your login and password, you should see a second login form where you enter the token generated by your mobile app.

Note

If you run into trouble, you can enable or disable the second factor at any time with the twofas:enable and twofas:disable console commands.
