CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. (by OWASP)
django-mfa2
A Django app that handles MFA, it supports TOTP, U2F, FIDO2 U2F (Webauthn), Email Token and Trusted Devices (by mkalioby)
Our great sponsors
| CheatSheetSeries | django-mfa2 | |
|---|---|---|
| 49 | 7 | |
| 26,411 | 226 | |
| 1.7% | - | |
| 9.1 | 2.8 | |
| 6 days ago | 16 days ago | |
| Python | CSS | |
| Creative Commons Attribution Share Alike 4.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CheatSheetSeries
Posts with mentions or reviews of CheatSheetSeries.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-03-07.
-
Next.js: consequence of AppRouter on your CSP
Cross Site Scripting Prevention Cheat Sheet from OWASP Cheat Sheet Series
-
A guide to Auth & Access Control in web apps 🔐
OWasp cheat sheet on how to do ACL in Web App.
- Ask HN: Best Practices Guides You're Aware Of
-
Advice For Securing Backend Code
I recommend reading OWASP cheat sheets , especially these:
- What are some senior level learning resources you recommend for improving as a backend engineer?
-
OWASP Attacks spreadsheet?
If it's anywhere it's probably in here, https://cheatsheetseries.owasp.org/
- How do you all SECURE your Apps?
-
What is the easiest and most secure way to implement security in a NestJS application?
Im noob but i read somewhere that if u just follow this https://cheatsheetseries.owasp.org/ Your website is secured
- OWASP Needs to Evolve
-
When to implement a back end for a web application?
The most helpful "convention" for building a web application is the OWASP CheatSheet Series that focuses on security best practices.
django-mfa2
Posts with mentions or reviews of django-mfa2.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-04-21.
-
Django WebAuthn Support?
I've been using https://github.com/mkalioby/django-mfa2 with good luck
-
Passkeys on Django
The application is a slim-down version of django-mfa2 which has been 🌟 more 150 times and downloaded round 135k. As this application did only one thing, it is much easier to integrate within your current application.
-
Security in Django
Add MFA to your application and require it for at least administrative users, super users or any user who has permissions to cause any damage to the application or its data. https://github.com/gotlium/django-secure-auth or https://github.com/mkalioby/django-mfa2. Ideally you'll add and MFA mechanism that supports FIDO2/WebAuthn, but you should also support TOTP (Google Authenticator). Whatever you do, DON'T use SMS, Text Messages or emails as if they were MFA. They aren't.
-
Is django login system safe enough?
Adding MFA is a must, and for that you can use https://github.com/gotlium/django-secure-auth or https://github.com/mkalioby/django-mfa2. Just please avoid using SMS or codes sent by email as if they were true MFA. They aren't. If possible prefer FIDO2, and if not, go with TOTP (google authenticator).
-
Fingerprint-based authentication and Authorization in Python(Django) web applications - Hacking your way out (Part 3)
Unfortunately, django-mfa2 was not built to support that out-of-the-box. However, to add this feature, one needs to have a local version of the application so as to be able to extend its functionalities.
-
Fingerprint-based authentication and Authorization in Python(Django) web applications - Second part
Django-mfa2 documentation
-
Fingerprint-based authentication and Authorization in Python(Django) web applications
Modern browsers support this awesome technology and there are a couple of its implemetations in various major programming languages and web frameworks, however, this multi-part post will only focus on implementing it in a Django application using a wonderful django application, django-mfa2 which utilizes python-fido2 under the hood.
What are some alternatives?
When comparing CheatSheetSeries and django-mfa2 you can also consider the following projects:
WhatWeb - Next generation web scanner
webauthn - Web Authentication: An API for accessing Public Key Credentials
dirsearch - Web path scanner
python-fido2 - Provides library functionality for FIDO 2.0, including communication with a device over USB.
webpack - A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
adfsmfa - MFA for ADFS 2022/2019/2016/2012r2
big-list-of-naughty-strings - The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
kagi - WebAuthn security keys and TOTP multi-factor authentication for Django
docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
django-passkeys - Django Authentication Backend For Passkeys
Rollup - Next-generation ES module bundler
django-webauth - Two Factor Authentication in Django using Web Authentication API (WebAuthn)
CheatSheetSeries vs WhatWeb
django-mfa2 vs webauthn
CheatSheetSeries vs dirsearch
django-mfa2 vs python-fido2
CheatSheetSeries vs webpack
django-mfa2 vs adfsmfa
CheatSheetSeries vs big-list-of-naughty-strings
django-mfa2 vs kagi
CheatSheetSeries vs docker-socket-proxy
django-mfa2 vs django-passkeys
CheatSheetSeries vs Rollup
django-mfa2 vs django-webauth