Two-factor authentication
=========================
Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be
used when logging in. To use this, you first need to configure the
:ref:`linked-tables`. Once this is done, every user can opt-in for the second
authentication factor in the :guilabel:`Settings`.
When running phpMyAdmin from the Git source repository, the dependencies must be installed
manually; the typical way of doing so is with the command:
composer require pragmarx/google2fa-qrcode bacon/bacon-qr-code
Or when using a hardware security key with FIDO U2F:
composer require code-lts/u2f-php-server
Authentication Application (2FA)
--------------------------------
Using an application for authentication is a quite common approach based on HOTP and
`TOTP <https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm>`_.
It is based on transmitting a private key from phpMyAdmin to the authentication
application and the application is then able to generate one time codes based
on this key. The easiest way to enter the key in to the application from phpMyAdmin is
through scanning a QR code.
There are dozens of applications available for mobile phones to implement these
standards, the most widely used include:
* `FreeOTP for iOS, Android and Pebble <https://freeotp.github.io/>`_
* `Authy for iOS, Android, Chrome, OS X <https://authy.com/>`_
* `Google Authenticator for iOS <https://apps.apple.com/us/app/google-authenticator/id388497605>`_
* `Google Authenticator for Android <https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2>`_
* `LastPass Authenticator for iOS, Android, OS X, Windows <https://lastpass.com/auth/>`_
