Two Factor Login for Statamic 3
Statamic 2FA is a middleware addon for Statamic 3 that adds 2FA (2 factor) auth to the control panel of Statamic 3 using time based codes.
Statamic 2FA is commercial software. You do not need a licence for development but when you are ready to deploy the site to production please purchase a licence per site on the Statamic Marketplace.
Install the addon using composer
You can install this addon via composer with the following command or from the Statamic control panel.
composer require kind-work/two-fa
two_fa field to your user blueprint. Edit your user profile in the control panel (CP) to set up 2FA protection for your account.
title: User sections: main: display: Main fields: - handle: name field: type: text display: Name - handle: email field: type: text input: email display: 'Email Address' - handle: roles field: type: user_roles width: 50 - handle: groups field: type: user_groups width: 50 - handle: avatar field: type: assets max_files: 1 - handle: two_fa field: type: two_fa localizable: false display: 'Two FA'
Force 2FA Login
To force 2FA for all users set an environment variable
To force 2FA for specific roles, publish the config file and edit as appropriate.
php artisan vendor:publish --tag="two-fa-config"
By default QR codes are rendered as inline PNG files. This requires the Imagick PHP extension. If you would rather not or can not install Imagick you can render the QR codes as SVGs instead. You can customize this in your configuration file or by setting the environment variable
By default accounts are locked out after 5 attempts to enter a 2FA code. You can change this in the config or by setting the environment variable
A user can choose to remember the browser when they enter their 2FA code, so they do not have to re-enter their 2FA code on each login. By default the time to remember the code is 30 days. You can change this default by setting the number of minutes that the browser should be remembered in the config or the environment variable
If you store your users in a database run the following command to generate a database migration.
php artisan vendor:publish --tag="twofa-migrations"
Migration from V1 to V2
File Based Users (default)
If you store your users in files you can optionally run the following migration to move over remember tokens and the 2FA-enabled visual indicator field to their new names.
php please 2fa:migrate:fields
To migrate your MySQL database to the new column names, run the following commands to copy over and run the migration.
php artisan vendor:publish --tag="twofa-migrations" php artisan migrate
Please see the Release Notes for more information what has changed recently.
If you discover any security-related issues, please email [email protected] instead of using the issue tracker.
This is commercial software. You may use the package for your sites. Each site requires its own license. You can purchase a licence from The Statamic Marketplace.