Make Two-Factor-Auth optional for each user

Good idea, patches are very welcome.

So if a user has the permission 'login without code' and they create a code, they have to use the code to login. Each user can select this on their profile page and disable it whenever they want, but only when they have the permission 'login without code'.

Removing the code field from the form isn't going to work, because other modules can hook into it using hook_form_alter so it has to stay in the same form.

Nice work

+++ sites/all/modules/ga_login/ga_login.module	(revision )
@@ -306,9 +313,35 @@
+  else if ($form_id == 'user_profile_form') {

should be elseif

+++ sites/all/modules/ga_login/ga_login.module	(revision )
@@ -306,9 +313,35 @@
+    $form['ga_login']['ga_login_force_tfa'] = array(
+      '#type' => 'checkbox',
+      '#title' => t('Protect my account with two-factor-authentication'),
+      '#default_value' => isset($account->data['ga_login_force_tfa']) ? $account->data['ga_login_force_tfa'] : FALSE,
+      '#description' => t('Check this box to force two-factor-authentication during login. If you decide to do so and haven\'t yet created your key, then please also refer to <a href="@url">GA Login</a>.', array('@url' => url('user/' . $account->uid . '/ga_login'))),

Maybe it is safer to only allow this option if they already have a code?

#4 great idea

Index: sites/all/modules/ga_login/ga_login.module

can you make the patch from inside the ga_login directory

I cannot apply the patch, can you create one using git diff (or something similar)

Patch applied using patch command, but have a look at http://drupal.org/node/707484 so you can configure your editor to make it easier for us (and our tools)

Thanks, fixed for Drupal 7 in latest dev version.

Sorry if I got this wrong but will this allow a user to turn of 2-factor auth after they have set it up?

I run some sites with users not that tech savvy that do not need 2-factor auth as much as other users. e.g. some users only login from their homes and have complex passwords but may have problems dealing with GA. Others login in from different boxes and may be concerned about keyloggers, etc.

So when I set up 2-factor auth for all users but later on we find that some of them are overwhelmed by the 'complexity' I need a way to turn it off for them.

I will gladly open a new issue but I wanted to check before if this is what I need and I only didn't understand it thoroughly.

Thank you for this great module, by the way!

#12 that's the right explanation.

Thank you. This is what I was looking for. I'm very impressed how communication with users is handled here. Thank you.

Not ported to 6.x due to lack of time. Feel free to reopen and create a patch if anyone would need this is 6.x