Jump to content

Help:二要素認証

From mediawiki.org
This page is a translated version of the page Help:Two-factor authentication and the translation is 16% complete.

Two-factor authentication (TFA) is a system that requires an additional verification step before allowing an account to be logged into. The main MediaWiki extension providing this functionality is OATHAuth.

For an advanced translated help page, please visit Meta:Help:Two-factor authentication.

有効化

You need the oathauth-enable user right to use TFA. If allowed, you will see a link in your preferences to enable it, or visit Special:OATH directly. Clicking on the link will display a QR code and a text code. Most smartphone apps will use the camera to scan the QR code, and automatically add the entry for the account to the list.

Scratch codes

The special page will also list ten emergency "scratch codes" that can be used if you lose your phone. However, each code can only be used one time.

クライアント

Aegis, an example of TFA client

First, you'll need a client application to store the TFA token and generate codes. Typically these are smartphone apps, but desktop clients are also available:

  • Aegis (free and open source) – Android
  • FreeOTP (free and open source, maintained by Red Hat) – Android and iOS
  • Authenticator (free and open source) – iOS
  • KeeWeb (free and open source desktop client) – Windows, macOS, Linux
  • oathtool (command line)
    Example of command line: oathtool --base32 --totp "YOUR_SECRET_KEY" (the program returns 6 figures)

It is important to remember that you will need this device with you whenever you need to login.

関連項目