From CS 418 — Web Progamming

CS418-S13: Extra Credit: Two-Factor Authentication

Contents (hide)

Assigned: Thu, Apr 18, 2013
Status Report: N/A
Due: Thu, May 9, 2013 (As part of Project 4)


This extra credit asks you to add measures to prevent user account hijacking. You must implement Open Authentication (OATH) and one-time passwords as defined in RFC 4226 and RFC 6238. The simplest way to do this is using Google Authenticator, which has a ready-made PHP module.


Allow existing users to add OATH

Require two-step authentication

Password reminders and resets

Require new admin and moderator accounts to use OATH (optional)



Retrieved from
Page last modified on April 17, 2013, at 10:45 AM