idp.global/app
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
02c700e44dfc55cbe19922fbf73b0623dab29555
app/stories/end-user/EU-004-two-factor-auth.md
T
jkunz 014fb3080a add stories
2025-11-30 15:01:28 +00:00

1.0 KiB
Raw Blame History

Enable Two-Factor Authentication

ID: EU-004 Priority: High Status: Planned

User Story

As an end user, I want to enable two-factor authentication on my account so that my account is protected even if my password is compromised.

Acceptance Criteria

  • User can enable 2FA from account settings
  • Support for TOTP apps (Google Authenticator, Authy, etc.)
  • Backup codes are generated and shown once during setup
  • User must verify 2FA code during setup to confirm it works
  • Login flow prompts for 2FA code when enabled
  • User can disable 2FA (requires current 2FA code)
  • Account recovery option if 2FA device is lost

Technical Notes

  • Mobile verification infrastructure exists (SMS OTP in registration)
  • Can leverage existing smarttwilio integration for SMS-based 2FA
  • TOTP implementation needs otplib or similar library
  • Store encrypted TOTP secret in User model
  • Consider supporting multiple 2FA methods (TOTP, SMS, security keys)

Related TODOs

  • New feature - no existing TODO
Reference in New Issue View Git Blame Copy Permalink