adfsmfa
django-mfa2
Our great sponsors
adfsmfa | django-mfa2 | |
---|---|---|
2 | 7 | |
128 | 228 | |
2.3% | - | |
5.6 | 2.8 | |
about 1 month ago | 24 days ago | |
C# | CSS | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
adfsmfa
-
Am I being spoofed or hacked?
My server is also a homelab one. No sign of Hafnium, and I was patched very early, but it did prompt me to do my next project. ECP was already blocked from outside, but OWA is now handled by a WAP, which authenticates against my ADFS server with MFA. If anyone is looking for a free MFA solution to use with ADFS, I can recommend this.
-
Any other Young homelabers out there? I'm 17 and Just did this huge upgrade, scored this rack and 3 servers for free off marketplace.
You should give it a try. It's not the simplest exercise, you need to get familiar with Certificate Authorities, ADFS, and set up an MFA provider (I recommend this: https://github.com/neos-sdi/adfsmfa), but once it's done, being able to log in to Win10 with a fingerprint is very cool.
django-mfa2
-
Django WebAuthn Support?
I've been using https://github.com/mkalioby/django-mfa2 with good luck
-
Passkeys on Django
The application is a slim-down version of django-mfa2 which has been 🌟 more 150 times and downloaded round 135k. As this application did only one thing, it is much easier to integrate within your current application.
-
Security in Django
Add MFA to your application and require it for at least administrative users, super users or any user who has permissions to cause any damage to the application or its data. https://github.com/gotlium/django-secure-auth or https://github.com/mkalioby/django-mfa2. Ideally you'll add and MFA mechanism that supports FIDO2/WebAuthn, but you should also support TOTP (Google Authenticator). Whatever you do, DON'T use SMS, Text Messages or emails as if they were MFA. They aren't.
-
Is django login system safe enough?
Adding MFA is a must, and for that you can use https://github.com/gotlium/django-secure-auth or https://github.com/mkalioby/django-mfa2. Just please avoid using SMS or codes sent by email as if they were true MFA. They aren't. If possible prefer FIDO2, and if not, go with TOTP (google authenticator).
-
Fingerprint-based authentication and Authorization in Python(Django) web applications - Hacking your way out (Part 3)
Unfortunately, django-mfa2 was not built to support that out-of-the-box. However, to add this feature, one needs to have a local version of the application so as to be able to extend its functionalities.
-
Fingerprint-based authentication and Authorization in Python(Django) web applications - Second part
Django-mfa2 documentation
-
Fingerprint-based authentication and Authorization in Python(Django) web applications
Modern browsers support this awesome technology and there are a couple of its implemetations in various major programming languages and web frameworks, however, this multi-part post will only focus on implementing it in a Django application using a wonderful django application, django-mfa2 which utilizes python-fido2 under the hood.
What are some alternatives?
DSInternals - Directory Services Internals (DSInternals) PowerShell Module and Framework
webauthn - Web Authentication: An API for accessing Public Key Credentials
a12n-server - An open source lightweight OAuth2 server
python-fido2 - Provides library functionality for FIDO 2.0, including communication with a device over USB.
TOTP-for-pGina-Fork - A plugin for the pGina Fork that allows a Time-based One-Time Password for Windows Logon using the Google Authenticator App.
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
fido2-net-lib - FIDO2 .NET library for FIDO2 / WebAuthn Attestation and Assertion using .NET
kagi - WebAuthn security keys and TOTP multi-factor authentication for Django
glewlwyd - Experimental Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins
django-passkeys - Django Authentication Backend For Passkeys