Two Factor Authentication (2FA / TFA) / Multi Factor Authentication (MFA)

Boost the user and login page security on your Joomla website. The best way to protect against automated password guessing, and brute force attacks is to enable two-factor authentication (2FA").

All Features

• 15+ Two factor authentication methods including Google, Duo, Microsoft, Okta and All TOTP Authenticators.
• Role Based Two Factor Authentication.
• Domain Based Two Factor Authentication.
• IP Whitelisting (2FA will not invoke for given IPs)
• Two Factor Authentication supports login using:
  • Login using Username + Password + 2FA
  • Login using Username + 2FA (Passwordless login)
  • Login using Email + Password + 2FA
  • Login using Email + 2FA (Passwordless login)
  • Login using Phone number + Password + 2FA
  • Login using Phone number + 2FA (Passwordless login)
• 2FA supports in-line user registration, so you can just activate and configure the plugin and you're ready to go.
• Soft Token, QR Code Authentication, Push Notification are supported by miniOrange Authenticator App.
• Supported TOTP (time based one time password) MFA methods: Google Authenticator, Duo Authenticator, Authy Authenticator, Microsoft Authenticator and LastPass Authenticator.
• If you want to login from the mobile browser then any authentication method can be converted into Security Questions (KBA) by just one click.
• We support multi-factor authentication for all types of phones like smartphones (iOS, Android, BlackBerry), Basic Phones, Landlines, etc.

Supported 2FA / MFA authentication methods [ Video Library ]

1) Phone/Email based authentication
- OTP (One-Time Passcode) over SMS
- OTP over Email
- OTP over SMS and Email (same OTP will be send over SMS and Email)
- OTP over Call (Phone Verification)
- OTP over WhatsApp (Coming soon)

2) TOTP (Time Based One Time Password) Apps
- Google Authenticator [ Setup Guide ] [ Video Setup ]
- Duo Authenticator [ Setup Guide ] [ Video Setup ]
- Microsoft Authenticator[ Setup Guide ] [ Video Setup ]
- Okta Verify Authenticator [ Setup Guide ] [ Video Setup ]
- Authy 2-Factor Authenticator [ Setup Guide ] [ Video Setup ]
- LastPass Authenticator [ Setup Guide ] [ Video Setup ]
- miniOrange Authenticator [ Setup Guide ] [ Video Setup ]
- Contact us if you need any other app.

3) Other
- Security Questions (KBA)
- Back-up codes
- USB based Hardware token (yubikey)
- Mobile Authentication (QR Code authentication)
- Push Notification (User will receive Accept and Deny transaction popup on phone)
- Soft Token (similar to Google authenticator)

You can choose from any of the above two-factor Authentication (MFA) methods to increase your password-based authentication.

Premium Version features

• Role based 2FA
• Enforce 2FA registration for users
• Select 2FA methods to be configure by end users
• Passwordless Login
• Backup security questions (KBA)
• Add your own KBA/Security questions
• Backup codes
• Enable login by email address
• Redirect URL (After login)
• Change app name in Google authenticator app
• Customize Email Templates
• Customize SMS Templates
• Customize OTP length and validity
• Remember Device (available soon)
• IP specific 2FA (Whitelisting IP Address)
• End to End 2FA Integration**

Installation Steps :

• Goto Extensions --> Manage --> Install.
• Search for miniOrange 2FA in the search box
• Install the miniorange Two Factor Authentication plugin.
• Then go to Extensions --> Manage --> Manage.
• Search for 2FA in the search box
• Enable all the extensions present in the list.
• Configure the plugin at Component-> miniOrange Two Factor Authentication ->Setup Two Factor

What makes Joomla Two Factor Authentication (TFA) special?

Our 2FA plugin supports more than 15 authentication methods along with their backup method.
2FA supports Device Identification. If the user selects Remember device then on the next login from the same device, the user will not be prompted for Two Factor.
It is very difficult to log in to your site from the mobile browser with Two Factor enabled. We provide you with the option that will convert any authentication method into Security Questions(KBA) on a mobile browser.

What is Passwordless Login (Sign-in) (Authentication) to Joomla :-

Passwordless Login (Sign-in) (Authentication) allows users to log in without the need of remembering a password. Instead of conventional username and password, users enter mobile phone number or email address to receive a one-time code (one time password) or link on their phone number or their email address, which they can then use for log in.

Custom feature requirements -

If you want any custom changes or features in this plugin, let us know your requirement on joomlasupport@xecurify.com and we will add that feature in the plugin for you.