As of Dradis Pro v4.16, you can enable multi-factor authentication (MFA) using a wide variety of One-Time-Password (OTP) apps, such as Authy, Google Authenticator, and others.
You can install Dradis OTP with the Integration and Tool Manager in the Tools tab.
Once Dradis OTP is installed, users on your Dradis instance will be prompted to configure MFA on their next login using a QR code. Users scan that code with their preferred authenticator app on their mobile phone and follow the app's setup steps. From then on, that MFA method is required on every subsequent login.
To disable Dradis OTP again, an Admin simply removes Dradis OTP from the Integration and Tool Manager. All users will then be able to log in again with their password alone, without MFA.
If a user needs to change their MFA method - for example, because they lose or change their phone - someone with command-line access to the Dradis instance will need to delete that user's OTP token, so that the user is prompted to configure a new OTP method on their next login. To do so, on your Dradis instance as the dradispro user:
$ cd /opt/dradispro/dradispro/current/
$ RAILS_ENV=production bundle exec rails console
irb> user = User.find(ID)
irb> user.access_tokens.where(name: 'otp:token').destroy_all
Sub in the user's ID above. You can find it by mousing over the Edit button next to their user on the Users menu. Alternatively, you can look the user up by email by replacing User.find(ID) with User.find_by_email('my@user.com'). Note that where(...) returns a collection, so destroy_all is the call that removes the matching token records.
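The following Ruby example is added here to show what happens under the hood across the enrolment, login and reset steps described above. It is not Dradis code: the issuer label 'Dradis', the in-memory ENROLLMENTS hash standing in for the stored 'otp:token' record, and the 30-second, 6-digit, SHA1 TOTP parameters are assumptions, chosen because they are what Google Authenticator and Authy default to. It implements RFC 4226 HOTP and RFC 6238 TOTP directly so it runs with only Ruby's standard library, and it demonstrates why a reset is needed after a phone change: once the stored secret is deleted, the old phone's codes are rejected and the user must enrol a fresh secret.

```ruby
# Added example (not Dradis code): TOTP enrolment, verification and token reset.
# Assumptions: issuer 'Dradis', in-memory ENROLLMENTS store, SHA1 / 6 digits / 30 s.
require 'openssl'
require 'securerandom'
require 'erb'

BASE32_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'.freeze

# RFC 4648 base32 without padding, the form authenticator apps expect in otpauth URIs.
def base32_encode(bytes)
  bytes.unpack1('B*').scan(/.{1,5}/).map { |b| BASE32_ALPHABET[b.ljust(5, '0').to_i(2)] }.join
end

def base32_decode(str)
  bits = str.upcase.delete('=').each_char.map do |c|
    idx = BASE32_ALPHABET.index(c) or raise ArgumentError, "invalid base32 char #{c}"
    idx.to_s(2).rjust(5, '0')
  end.join
  [bits[0, bits.length - bits.length % 8]].pack('B*')
end

# RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation.
def hotp(secret, counter, digits: 6)
  mac = OpenSSL::HMAC.digest('SHA1', secret, [counter].pack('Q>')).bytes
  offset = mac[19] & 0x0f
  code = ((mac[offset] & 0x7f) << 24) | (mac[offset + 1] << 16) | (mac[offset + 2] << 8) | mac[offset + 3]
  format("%0#{digits}d", code % (10**digits))
end

# RFC 6238 TOTP: the counter is the number of `step`-second intervals since the Unix epoch.
def totp(secret, at:, step: 30, digits: 6)
  hotp(secret, at / step, digits: digits)
end

# Constant-time comparison so a code check does not leak how many digits matched.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Accept the current step plus one step either side to absorb phone/server clock drift.
def totp_valid?(secret, code, at:, step: 30, window: 1)
  counter = at / step
  (-window..window).any? { |d| secure_compare(hotp(secret, counter + d), code) }
end

# Stands in for the per-user 'otp:token' record: user email => raw secret bytes (assumption).
ENROLLMENTS = {}

# First login after Dradis OTP is installed: mint a secret and return the otpauth URI
# that the QR code encodes (Google Authenticator key URI format).
def enroll(email, issuer: 'Dradis')
  secret = SecureRandom.random_bytes(20)
  ENROLLMENTS[email] = secret
  label = ERB::Util.url_encode("#{issuer}:#{email}")
  "otpauth://totp/#{label}?secret=#{base32_encode(secret)}" \
    "&issuer=#{ERB::Util.url_encode(issuer)}&algorithm=SHA1&digits=6&period=30"
end

# What the phone keeps after scanning the QR code.
def secret_from_uri(uri)
  base32_decode(uri[/secret=([A-Z2-7]+)/, 1])
end

# Equivalent of deleting the 'otp:token' access token in the Rails console:
# the next login sees no secret and triggers enrolment again.
def reset_enrollment(email)
  ENROLLMENTS.delete(email)
end

def verify_login(email, code, at: Time.now.to_i)
  secret = ENROLLMENTS[email] or return :enroll_required
  totp_valid?(secret, code, at: at) ? :ok : :rejected
end

if __FILE__ == $PROGRAM_NAME
  email = 'analyst@example.com' # constructed sample user
  old_phone = secret_from_uri(enroll(email))
  now = Time.now.to_i
  p verify_login(email, totp(old_phone, at: now), at: now) # :ok
  reset_enrollment(email)                                  # phone lost, admin deletes token
  p verify_login(email, totp(old_phone, at: now), at: now) # :enroll_required
  enroll(email)                                            # user scans a new QR code
  p verify_login(email, totp(old_phone, at: now), at: now) # :rejected, old secret is gone
end
```

The HOTP/TOTP functions reproduce the RFC 4226 and RFC 6238 test vectors, so they can be checked against any authenticator app by pasting the same base32 secret. The final `:rejected` result is the point of the reset procedure: deleting the token does not just prompt the user to re-enrol, it also invalidates whatever secret the lost phone still holds.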
If you're running into issues, please contact our support team and let us know!