Security in Django

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/django

  • GitHub repo django-secure-auth

    Secure authentication by TOTP, SMS, Codes & Question. Login protected by IP ranges and with captcha.

    Add MFA to your application and require it for at least administrative users, super users or any user who has permissions to cause any damage to the application or its data. https://github.com/gotlium/django-secure-auth or https://github.com/mkalioby/django-mfa2. Ideally you'll add an MFA mechanism that supports FIDO2/WebAuthn, but you should also support TOTP (Google Authenticator). Whatever you do, DON'T use SMS, Text Messages or emails as if they were MFA. They aren't.

  • GitHub repo django-mfa2

    A Django app that handles MFA, it supports TOTP, U2F, FIDO2 U2F (Webauthn), Email Token and Trusted Devices

    Add MFA to your application and require it for at least administrative users, super users or any user who has permissions to cause any damage to the application or its data. https://github.com/gotlium/django-secure-auth or https://github.com/mkalioby/django-mfa2. Ideally you'll add an MFA mechanism that supports FIDO2/WebAuthn, but you should also support TOTP (Google Authenticator). Whatever you do, DON'T use SMS, Text Messages or emails as if they were MFA. They aren't.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
