Two-factor authentication

New in version 4.8.0.

Since phpMyAdmin 4.8.0 you can configure two-factor authentication to be used when logging into it. To use this, you first need to configure phpMyAdmin configuration storage. Once this is done, every user can opt-in for second authentication factor in the Settings.

Authentication Application (2FA)

Using application for authentication is quite common approach based on HOTP and TOTP. It is based on transmitting private key from phpMyAdmin to the authentication application and the application is then able to generate one time codes based on this key.

There are dozens of applications available for mobile phones to implement these standards, the most widely used include:

Hardware Security Key (FIDO U2F)

Using hardware tokens is considered to be more secure than software based solution. phpMyAdmin supports FIDO U2F tokens.

There are several manufacturers of these tokens, for example:

Simple two-factor authentication

This authentication is included for testing and demostration purposes only as it really does not provide two-factor authentication, it just asks user to confirm login by clicking on the button.

It should not be used in the production and is disabled unless $cfg['DBG']['simple2fa'] is set.