Koha 22.05: Admin Overview
 Two-factor authentication for staff client – TOTP
This new feature adds an initial optional implementation of two-factor authentication (2FA) to improve security when logging into the staff interface.
This implementation uses time-based, one-time passwords (TOTP) as the second factor, letting librarians use an application to handle it and provide them the code they need when logging in.
It is enabled using the new system preference “TwoFactorAuthentication”.
Librarians can then enable 2FA for their account from More > Manage Two-Factor authentication. To setup: 1) Scan the QR code with an authenticator app. 2) Enter the one time code generated. For future logins, librarians are prompted to enter the authenticator code after entering their normal login credentials.
Any authenticator app, such as Google Authenticator, andOTP, and many others can be used. Applications that enable backup of their 2FA accounts (either cloud-based or automatic) are recommended.
 Introduce password expiration to patron categories
 Add a ‘set new password’ page for patron’s with expired passwords
This patch adds a new page opac-reset-password where a user can enter their login (userid or carndumber), current password, and new password. If the user has a password expiration date and the current password is correct and the new passwords match and meet requirements their password will be updated and the expiration date reset. A patron whose password does not expire will be redirected to login to change their password.
 Automatic linking in guided reports
New system preferences
Renamed system preferences
AutoEmailOpacUser renamed AutoEmailNewUser
RecordIssuer renamed RecordStaffUserOnCheckout
Deleted system preferences
New Authorized value categories
New letter codes
More 22.05 Koha Upgrade Notes
Read more by Donna Bachowski