双因素身份验证

4.8.0 新版功能.

Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be used when logging in. To use this, you first need to configure the phpMyAdmin 高级功能. Once this is done, every user can opt-in for the second authentication factor in the Settings.

When running phpMyAdmin from the Git source repository, the dependencies must be installed manually; the typical way of doing so is with the command:

  1. composer require pragmarx/google2fa-qrcode

Or when using a hardware security key with FIDO U2F:

  1. composer require samyoul/u2f-php-server

认证应用(双重验证)

Using an application for authentication is a quite common approach based on HOTP and TOTP. It is based on transmitting a private key from phpMyAdmin to the authentication application and the application is then able to generate one time codes based on this key. The easiest way to enter the key in to the application from phpMyAdmin is through scanning a QR code.

There are dozens of applications available for mobile phones to implement these standards, the most widely used include:

硬件安全密钥(FIDO U2F)

Using hardware tokens is considered to be more secure than a software based solution. phpMyAdmin supports FIDO U2F tokens.

There are several manufacturers of these tokens, for example:

简单的双因素身份验证

This authentication is included for testing and demonstration purposes only as it really does not provide two-factor authentication, it just asks the user to confirm login by clicking on the button.

It should not be used in the production and is disabled unless $cfg['DBG']['simple2fa'] is set.