With two-factor authentication schemes on the rise, it would be great if we could make use of existing modules such as https://www.drupal.org/project/yubikey to enforce ONLY the OTP (not the password) when masquerading into users with more privileges than the current user, i.e. into admin roles etc.

When clicking on the masquerade button (or user name links), the module should simply ask the user to emit the OTP of any of the Yubikeys associated with the current user (not the user switching TO, but a key registered with the current user that is permitted to do the masquerading). This should apply only if the Yubikey module is activated, and only if the current user actually has at least one Yubikey registered.
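A sketch of the gate this request describes, added here as an illustration; it is not code from the Masquerade or Yubikey modules and uses no Drupal API. The function name, the array shapes, the role comparison used for "more privileges", and the validator callback are all assumptions, and the OTP format check assumes a default Yubico OTP (44 modhex characters, the first 12 being the key's public ID).

```php
<?php
// Added illustration in plain PHP. All names and data shapes are hypothetical.
const ALLOW = 'allow';
const DENY = 'deny';
const OTP_REQUIRED = 'otp_required';

/**
 * Decide whether a masquerade switch may proceed.
 *
 * $current, $target: ['roles' => string[], 'yubikey_ids' => string[]]
 * $otp: OTP typed by the current user, or null if not yet asked.
 * $validateOtp: callable(string): bool, stands in for the real OTP validation.
 */
function masquerade_gate(array $current, array $target, bool $yubikeyActive,
                         ?string $otp, callable $validateOtp): string
{
    // Assumption: "more privileges" means the target holds a role the current user lacks.
    $escalates = count(array_diff($target['roles'], $current['roles'])) > 0;
    // The OTP step applies only if the module is active and the current user has a key.
    if (!$escalates || !$yubikeyActive || count($current['yubikey_ids']) === 0) {
        return ALLOW;
    }
    if ($otp === null) {
        return OTP_REQUIRED;
    }
    $otp = strtolower(trim($otp));
    // Default Yubico OTP: 44 modhex characters.
    if (!preg_match('/^[cbdefghijklnrtuv]{44}$/', $otp)) {
        return DENY;
    }
    // The key must be registered to the CURRENT user, never to the target account.
    $publicId = substr($otp, 0, 12);
    if (!in_array($publicId, $current['yubikey_ids'], true)) {
        return DENY;
    }
    return $validateOtp($otp) ? ALLOW : DENY;
}

// Constructed sample accounts and OTP strings (not real keys).
$editor = ['roles' => ['editor'], 'yubikey_ids' => ['cccccccccccb']];
$admin  = ['roles' => ['editor', 'administrator'], 'yubikey_ids' => ['cccccccccccd']];
$accept = fn(string $otp): bool => true; // stub validator for the demo
$editorOtp = 'cccccccccccb' . str_repeat('c', 32);
$adminOtp  = 'cccccccccccd' . str_repeat('c', 32);

echo masquerade_gate($editor, $admin, true, null, $accept), "\n";       // no OTP yet
echo masquerade_gate($editor, $admin, true, $editorOtp, $accept), "\n"; // current user's key
echo masquerade_gate($editor, $admin, true, $adminOtp, $accept), "\n";  // target's key
echo masquerade_gate($admin, $editor, true, null, $accept), "\n";       // no escalation
```

The third call is the case the request singles out: an OTP from a key registered to the account being switched to is refused, because only the current user's keys count.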
