Add 2FA support

[metmarkosaric]

"As a company that gets many customers because they value the privacy and data security of their customers and themselves, it would be a great addition to Plausible if 2-factor-authentication was available as well as multiple user accounts. Sharing one user account across different employees is by default insecure and needless to say 2FA provides higher security."

Update: You can now enable two-factor authentication (2FA) as an extra security layer for your Plausible account in your account settings. Here’s how: https://plausible.io/docs/2fa

[metmarkosaric]

Another vote for 2FA via email:

"I'm sure more companies would be attracted by your service if you could offer it. It should be pretty easy and " no cost" (besides implementation/maintain of code of course.. which we all know is a cost :)) to implement a simple solution with TOTP (no need for you to pay per transaction for SMS-codes etc). We did it ourselves in less than a day for our own web service. However I understand it's a question of prioritization. The problem is probably that many doesn't take the time to contact you to check if you have 2FA (as the default guess is "no") so you are probably missing out some business opportunities as well.. Anyway, I would be glad to use your service once you have support for it, so I will check back on the thread."

[metmarkosaric]

Another vote for 2FA today which seems to be a popular feature request from companies

[finnsnape]

Any update on this? Seems like a critical feature

[metmarkosaric]

No update on this at the moment. We'd like to build this but I cannot make any promise on when we will be able to work on it. We're a small team with limited development resources so need to take it one step at a time. There are some other more frequently requested features that we are working on at the moment. Thanks for understanding!

[alexanderadam]

I know that issue 169 was closed because you have "have no intention to add any third-party logins" but maybe it would still be an elegant way also to support external logins and feature 383 might solve this as well anyway, right?

Sign ins for the well known I18n Elixir app Accent via external providers can be setup via few environment variables and since they're using Überauth adding another provider strategy like GitLab seem to be straightforward.

Not quite relevant but still related: I saw that Plausible already integrates OAuther (for OAuth 1.0) as a mix dependency but I'm not able to see where it might be used?

Also thank you so much for working on Plausible. It's highly appreciated and of course it is absolutely understandable if features take time.

[finnsnape]

No update on this at the moment. We'd like to build this but I cannot make any promise on when we will be able to work on it. We're a small team with limited development resources so need to take it one step at a time. There are some other more frequently requested features that we are working on at the moment. Thanks for understanding!

That's a shame, though I appreciate people have different priorities. I love everything else about Plausible and was just about to sign up, but as a freelancer I'm worried about exposing the data of dozens of my clients or leaving it vulnerable to being deleted by someone malicious. You're doing great work regardless though.

In my view, login via email and password is not very viable in {{currentYear}}. Is there any plans to add some trivial security measures such as an IP whitelist for admin accounts? Or perhaps I missed some of these features?

[finnsnape]

Also with regards to this perhaps not being a frequently requested feature, I think the person you quote above is correct in saying

The problem is probably that many doesn't take the time to contact you to check if you have 2FA (as the default guess is "no") so you are probably missing out some business opportunities as well

Seems like there may be a silent majority who simply move on when they see this feature does not exist

[metmarkosaric]

We don't have any plans to work on this at the moment as we have some other priorities but it is on our list of things to do. We'll update this post when there's something new on this topic.

[finnsnape]

Once this is being worked on, I think it would be very helpful to include a feature that enables admins to force 2FA on users they invite

[metmarkosaric]

that could be nice!

[latvia234]

Please add support for YubiKey and other U2F Security Keys to Plausible. Security keys are the most secure form of 2-Step Verification and protect against phishing threats.

Some interesting articles:

• Wiki: https://en.wikipedia.org/wiki/Universal_2nd_Factor
• Companies that already support Yubikeys: https://www.yubico.com/nl/works-with-yubikey/catalog/?sort=popular
• Interesting article: https://www.yubico.com/resources/reference-customers/google/
• Interesting support article about security keys: https://support.google.com/accounts/answer/6103523

[MacStasy]

Any update on this?

[susanthenerd]

As I really need 2FA, I plan on implementing it myself in the codebase.
Please let me know if you have any idea on how it should be done.

[susanthenerd]

@ruslandoga Thanks for the info. When adding it, should I add it just for login as an option, or it should ask and for other critical options(change of important account options as an example) for a 2FA code?

[ruslandoga]

I think you'd need to present the seed on registration for user to save it (to 1password, for example), and then as an additional check on login. As for asking for it on other actions, I don't know. Does Plausible ask for password anywhere outside of the login page?

[susanthenerd]

So you wish to force users to use 2FA? I find it as a possible inconvenience.

What about backup codes? Anything that should I take in consideration?

[ruslandoga]

So you wish to force users to use 2FA?

That'd be up to you :)

What about backup codes?

That'd also be up to you, backup codes are not strictly part of totp. Access restoration can happen via backup codes / email / support. Backup codes can be stored like passwords are stored right now.

[susanthenerd]

Ok, I will implement TOTP for now and then if others ask about backup codes, I will just add support for them.

[metmarkosaric]

Update: You can now enable two-factor authentication (2FA) as an extra security layer for your Plausible account in your account settings. Here’s how: https://plausible.io/docs/2fa

[KaKi87]

Hi,
I just installed a self-hosted Plausible instance and am not seeing this feature.
Did I miss an env variable or something ?
Thanks

[ruslandoga]

👋 @KaKi87

TOTP was added after v2.0.0 release. It will be present in the upcoming 2.1.0 release though.