Two factor authentication for end users

[Shuchi 0]

Hi,
I am working on an application where I need two factor authentication for my application's end users. I understand that this functionality is currently not available in Caspio Bridge, but I am thinking of creating a custom API in .Net for authentication using my SQL Server DB instance.
Is there any way possible that I can call this custom API in Caspio while authenticating a user?

[NailDyanC 5]

Hi,

In Caspio 15.0 you can now use two-factor authentication to enhance the security of your Caspio account by requiring a second level of verification during login. Make sure you enable two-factor authentication and start using your Caspio ID in parallel with the SMS or Google Authenticator codes whenever you access your Caspio account.

For more information, see Enabling two-factor authentication.

You can also refer to this link: https://howto.caspio.com/release-notes/caspio-bridge-15-0/ 

I hope that helps.  

[AnchovyXL 4]

On 11/22/2018 at 3:25 PM, NailDyanC said:

Hi,

In Caspio 15.0 you can now use two-factor authentication to enhance the security of your Caspio account by requiring a second level of verification during login. Make sure you enable two-factor authentication and start using your Caspio ID in parallel with the SMS or Google Authenticator codes whenever you access your Caspio account.

For more information, see Enabling two-factor authentication.

You can also refer to this link: https://howto.caspio.com/release-notes/caspio-bridge-15-0/ 

I hope that helps.  

This can only be applied to the Caspio Bridge User. If you want two-factor authentication for the end users, I think it is something that is not yet possible. What they have now is two type of authentication for end users. You can have them login using Google, Twitter and OpenID OR your Caspio-built authentication.

https://howto.caspio.com/authentications-and-connections/authentication/

[emarchewka 0]

I had a similar issue and did a workaround. Albeit, not perfect, it is functional.

I setup an OTP table to capture, email or mobile and then two fields, to auto fill the USERID from members table based on cascading text field in the datapage. There are two more fields, one with a auto gen 8 digit code, and one with a time stamp.

This table has a TA to put the code and time stamp in the members table.

My authentications then look at the email, password, and code from the members table.

I then have 4 tasks that run every hour in 15 min increments. These tasks clear the entries from the OTP table and nulls the code and timestamp in the members table based on the age of the time stamp.

I have a datapage that the user fills out before they sign in to generate their code. They can deliver it via EMAIL or SMS. Then they can sign into the app.

Hope this helps. Again, not perfect but it works.

[LittleMsGinger 20]

I also had a workaround that I would like to share with you. 

Here are the objects in Caspio Bridge that  you need to perform the said workflow.
* Separate Table to generate the One-time password upon logging in.
* Submission form. (This will be a auto submit form.)
* Standalone Login Screen.
* Details DataPage for submitting the OTP.

Attached is a word document with steps and screenshots.

Hope this helps.

Two Factor Auth - User Level.docx