Creating and configuring 2FAS account
In order to use Two Factor Authentication, you need to create an account in 2FAS and configure it with your authentication mobile app.
This bundle provides a few console commands to manage your 2FAS account and store it in the database.
This is a global configuration that allows you to connect to the external API, and enable/disable the second factor globally. Each User can only configure his own secret key to enable the second factor in his account.
Step 1: Create encryption key
All sensitive data stored in 2FAS is encrypted, so you have to encrypt any information before you send it.
Some of the data in your database must also be encrypted.
This bundle does it for you but you need to create your own encryption key and store it in your
To do this, open a command console, go to your project directory and execute the following command:

    # Symfony 2.8
    $ php app/console twofas:create-encryption-key

    # Symfony 3.x
    $ php bin/console twofas:create-encryption-key

The command prints the encryption key in the console, so you have to copy it and paste it into your config.yml under two_fas_two_factor.encryption_key.
We recommend that you keep it in parameters.yml (and update your parameters.yml.dist file).
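The recommendation above as a configuration sketch, added here as an example and not taken from the bundle's own documentation. It assumes the standard Symfony 2.8/3.x app/config layout, where parameters.yml is kept out of version control; the parameter name twofas_encryption_key is hypothetical and the key values are placeholders.

```yaml
# --- Weak: key hard-coded in app/config/config.yml, which is committed ---
# two_fas_two_factor:
#     encryption_key: "<output of twofas:create-encryption-key>"

# --- Recommended: app/config/config.yml only references a parameter ---
two_fas_two_factor:
    encryption_key: "%twofas_encryption_key%"   # parameter name is an assumption

---
# app/config/parameters.yml (local to each environment, holds the real key)
parameters:
    twofas_encryption_key: "<output of twofas:create-encryption-key>"

---
# app/config/parameters.yml.dist (committed template, placeholder only)
parameters:
    twofas_encryption_key: ~
```

Anyone who can read the key can decrypt the 2FAS data stored in your database, so restrict read access to parameters.yml to the user the application runs as.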
Step 2: Create an account
To create a 2FAS account, run the following command and follow the instructions:

    # Symfony 2.8
    $ php app/console twofas:create-account

    # Symfony 3.x
    $ php bin/console twofas:create-account

If you already have an account (e.g. you created it on our website), you need to provide your password. If you don't have an account, the password is automatically generated for you.
Step 3: Add an account in your mobile app
Log in to your website and go to "/2fas/index". This is a simple dashboard to show and manage your settings.
Click "Configure" under the TOTP channel.
Follow the instructions on the configure page.
Step 4: Enable Two Factor Authentication
In order to enable the second factor, go to the console and run the command:

    # Symfony 2.8
    $ php app/console twofas:enable

    # Symfony 3.x
    $ php bin/console twofas:enable
That's it! You can log out now and try to log in again.
After typing in your login and password, you should see the second login form, where you enter the token generated by your mobile app.
If you have trouble, you can enable or disable the second factor at any time from the console.