Two Factor for Statamic
Two Factor for Statamic is an addon for Statamic that requires all Control Panel (CP) users utilise two factor authentication using a one-time password (such as with Google Authenticator or password manager apps like 1Password).
This addon is designed to apply to all users who access Statamic's Control Panel, regardless of role or group.
Features
This addon enables two factor authentication for all Control Panel users. When enabled, users will be prompted to set up two factor before they can continue. The addon also creates emergency recovery codes for each user's account.
This addon:
can be enabled or disabled per environment (such as disabling on your local dev environment)
locks user accounts after a number of failed two factor challenge attempts
can re-challenge users after a period of time (default to 30 days, or can be disabled)
adds a fieldtype for user and profile editing
Users are able to:
show or re-generate their emergency recovery codes
remove two factor authentication (which will log them out, and require set up on their next login)
Admin can:
unlock user accounts
remove two factor setup details from any user
These admin behaviours are connected to Statamic's "edit" permission for Users.
Two Factor for Statamic is a Commercial Addon
You can use it for free while in development, but requires a license to use on a live site.
Learn more or buy a license on the Statamic Marketplace!