# 2FA The current core implementation allow us to implement multiple steps. If the first provider returns a positive value smaller than 100 indicates that the authentication was successful, but that further services should also perform their own authentication. This can be used to implement a second authentication. ## Implementation ideas @TODO: Check: \url{https://www.heise.de/ct/artikel/Passwortloses-Anmelden-dank-FIDO2-4494951.html} Implement LoginProvider for BE and FE **TwoFactorAuthenticationProviderInterface** - getLoginTemplate(): string - authenticate(ServerRequestInterface $request): bool **EmailAuthenticationProvider implements TwoFactorAuthenticationProviderInterface** - send an e-mail with auth code - require an email address in the user record **SMSAuthenticationProvider implements TwoFactorAuthenticationProviderInterface** - send a SMS with auth code - require a valid phonenumber in the user record - require an additional interface to implement different calling provider, like SMS77, twillio, etc. **OneTimePasswordAuthenticationProvider implements TwoFactorAuthenticationProviderInterface** - use an app like Google Authenticator (\url{https://support.google.com/accounts/answer/1066447?co=GENIE.Platform%3DAndroid\&hl=de)} or Authy (\url{https://authy.com/)} - require a setup process in the user settings (BE) and a complete new process in EXT:felogin (for FE) **TANAuthenticationProvider implements TwoFactorAuthenticationProviderInterface** - use an old school TAN list - require a TAN list generator for each user - priority: low, because TAN list not very secure, so maybe don't implement this provider **RSASecureIDAuthenticationProvider implements TwoFactorAuthenticationProviderInterface** - use an hardware token - require special API knowledge, maybe not for the core, but this could be implemented with an own extension **YubicoAuthenticationProvider implements TwoFactorAuthenticationProviderInterface** - use an hardware token (yubikey) - require special API knowledge: \url{https://developers.yubico.com/} - Example for TYPO3 - https://extensions.typo3.org/extension/sf_yubikey/