Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Won't Do
-
None
-
None
Description
It would be great to see two-factor authentication options added to NiFi. I believe there can be two solutions which can be investigated and added:
- External identity providers which offer 2FA/2SV (easy)
- Allow a NiFi administrator to enforce 2SV for NiFi users
- A native solution (hard)
- Will require some level of native user tracking to track shared keys per user for TOTP. Currently NiFi stores basically no details of users or their passwords.
- Secure hashing of passwords using bcrypt/scrypt or some other password hashing mechanism
- Uses an open source library to handle TOTP
- Must allow users to initialize, enter and verify TOTP values
- Will require some level of native user tracking to track shared keys per user for TOTP. Currently NiFi stores basically no details of users or their passwords.