
Two-factor authentication

Starting with 4.3.0, LEPTON has built-in two-factor authentication (2fa or tfa).

This is an additional feature to secure the LEPTON backend.

Important: this feature only works if LEPToken are set to life (default).

If you install a new LEPTON release, you can set this feature during the installation process. Upgraded LEPTON releases have this feature switched off. You can activate 2fa in settings/default_settings in the backend.

How it works

1. If 2fa is activated, you have to type an additional PIN after you have logged in with username and password. This PIN is generated once by the system for each user and is saved encrypted in the database.

If a user forgets this PIN, there is no way to log in to LEPTON.

Only an admin is able to reset the PIN via the admintool if necessary.

2. As an alternative to the PIN system, you can get an individual TAN via mail for each login if you switch to this system in the settings.

Keep in mind:

1. You can switch between both modes (or switch off) during installation or later in the settings.

2. You can also rename your backend path for security reasons.

3. Switch off frontend login (settings/general_settings) if it is not needed.