It doesn’t look like postorious (web frontend for GNU mailman) has any kind of MFA support, at least according to the deployment doc: https://asynchronous.in/docker-mailman/ and neither does Sympa -

https://www.sympa.community/gpldoc/man/sympa_config.5.html

Thus, I suspect this would have to be a feature request to the Postorious team, or some sort of reverse proxy that implements MFA or PassKey (passwordless) auth - functionally similar to x.509 cert based auth without all the x.509 overhead.

Rouben

On Wed, Jun 11, 2025 at 12:25 Ron via Talk <talk@lists.gtalug.org> wrote:

Scott Allen via Talk wrote on 2025-06-10 19:14:

> It was requested that we send some test messages to the new mail list,
> so here's one, with a purpose.

Thanks!

> Is there a way to enable two factor authentication for signing in to
> the mail list web site athttps://lists.gtalug.org ?

I have no idea how to begin to accomplish this and there's no mention of
it in the docs.

While a mailing list isn't really a high value security target, it'd be
interesting to explore.

Any ideas how one would implement 2FA on a web site?

------------------------------------
Description: GTALUG Talk
Unsubscribe via Talk-unsubscribe@lists.gtalug.org
Start a new thread: talk@lists.gtalug.org
This message archived at https://lists.gtalug.org/archives/list/talk@lists.gtalug.org/message/34YH4RUTMKSUOOOLCEQI6YZIIGY4XMQL/