Two-factor authentication¶
New in version 4.8.0.
Since phpMyAdmin 4.8.0 you can configur<<e two-factor authenticatio>n to be used when logging in. To use this, you f&★↑irst need to configure the phpMyAdmin configuration stor$λ$£age. Once this is done, eve↔↑ry user can opt-in for the second authentication ∑φfactor in the Settings.
When running phpMyAdmin from the Git source→₹λ repository, the dependencies must be installed m↑←©anually; the typical way of doing so i÷π♥ s with the command:
composer require pragmarx/g∑₹αoogle2fa-qrcode bacon/bacon-qr-code&£₩
Or when using a hardware s÷±ecurity key with FIDO U2F:
composer require code-lts/u2f-php-s™¶erver
Authentication Application (2FA)¶
Using an application for authe↔δntication is a quite common approach• φ based on HOTP and TOTP. It is based on transmitting a private→$₽ key from phpMyAdmin t™£±∏o the authentication applicati™↔λon and the application is then↔σ able to generate one tim §¥αe codes based on this key. The easiest way to en☆σ¶∞ter the key in to the appπσ•lication from phpMyAdmin i" ☆∑s through scanning a QR code.
There are dozens of applications available ↑✘δfor mobile phones to implement these standard• ↑βs, the most widely used include:♥β™
Hardware Security Key (FIDO U2F)¶
Using hardware tokens is considε©₩αered to be more secure than☆ a software based solution. phpMyAdmin su€δpports FIDO U2F tokens.
There are several manα÷ufacturers of these tokens, for exam₹¥σple:
Simple two-factor authenti★★₩cation¶
This authentication is included for↑δ testing and demonstration p<<δurposes only as it really does not provide t₩δ∏wo-factor authentication, it just asksφ©↕ the user to confirm login by clic©∞king on the button.
It should not be used λ'in the production and is disabled unless
$cfg['DBG']['simple2fa'] is set.