Multifactor authentication (MFA) is a security system that requires more than one method of authentication to verify the user’s identity for a login or other transaction.
One of the major problems with traditional user ID and password login is the need to maintain a password database.
Whether encrypted or not, if the database is captured it provides the hacker with a source to verify his guesses at speeds limited only by his hardware resources.
Given enough time, a captured password database will fall. To avoid this break we do prefer multifactor authentication.
There are multiple ways we could get the MFA like using hardware devices that the user carries to authorize access to a network service.
Software-based security token applications that generate a single-use login PIN.
Soft tokens are often used for multifactor mobile authentication, in which the device itself – such as a smartphone – provides the possession factor or SMS messages and phone calls sent to a user as an out-of-band method, smartphone OTP apps.
The user should follow the following steps to enable MFA to their accounts.
In the current blog post, we see how to implement MFA in Django.
We do have an awesome package developed in Django called DjangoMFA. That gives us the flexibility of how to setting up MFA.
We can generate two types of passwords in Django-MFA one is HMAC-based One Time Password (HOTP) and Time-based One-time Password Algorithm (TOTP).
In this blog post, we will see how to enable the TOTP-based MFA using Django-MFA.
We can get the facility of MFA using Django-MFA by following the following simple steps.
pip install django-mfa
INSTALLED_APPS = [ ... 'django_mfa', ] MIDDLEWARE_CLASSES = [ ... 'django_mfa.middleware.MfaMiddleware', ]
urlpatterns = [ ... url(r'^settings/', include('django_mfa.urls', namespace="mfa")), ]
That's it, now you have the feature of MFA in your Django project. Once you have followed the above steps, you can just go to "/settings/security/” in your address bar, you can get the flow of enabling MFA to your account.
Get The Code in Our Git Repository: https://github.com/MicroPyramid/django-mfa
For detail documentation visit: http://django-mfa.readthedocs.io/en/latest/index.html
Micropyramid is a software development and cloud consulting partner for enterprise businesses across the world. We work on python, Django, Salesforce, Angular, Reactjs, React Native, MySQL, PostgreSQL, Docker, Linux, Ansible, git, amazon web services. We are Amazon and salesforce consulting partner with 5 years of cloud architect experience. We develop e-commerce, retail, banking, machine learning, CMS, CRM web and mobile applications.
Django-CRM :Customer relationship management based on Django
Django-blog-it : django blog with complete customization and ready to use with one click installer Edit
Django-webpacker : A django compressor tool
Django-MFA : Multi Factor Authentication
Docker-box : Web Interface to manage full blown docker containers and imagesMore...