Introduction

Authentication, Login protection

A real Two Step Verification system for Joomla!

  • Favourite
  • Report

Security experts agree that the first step to securing your site against unauthorized access is using a second step during the login process. Joomla 3.2 and later offer Two Factor Authentication which requires you to enter a security code along with your password to log into your site. However, Two Factor Authentication is susceptible to spoofing attacks. Moreover it does not let you use any second factor which is not a text code known to you before you login.

The solution to that is Two Step Verification. You login with just your username and password. However, at this point, you have a "captive login" and you cannot use the site unless you provide your second authentication factor. This could be a text code generated by Google Authenticator like what Joomla already allows, or something impossible to use with core Joomla such as a text code sent to you by SMS or push notification or even a secure hardware token following the FIDO U2F (Universal Second Factor) standard. After providing and validating the second factor your login becomes full features and you can use the site. This is very much like what Google does when you try to login to GMail; or what happens when you log into GitHub; or how Apple handles login to iCloud.

You can easily set up which user groups are required to set up Two Step Verification and which user groups should not have that option. Users can enrol themselves to Two Step Verification or opt out of it (unless their user group requires it to be set up).

Akeeba LoginGuard currently supports the following second factors:
* Web Authentication (WebAuthn), the W3C standard for multi-factor authentication
* Authenticator App (Google Authenticator, Authy, 1Password etc)
* YubiKey
* U2F (any USB or NFC token following the U2F protocol will do, including the cheap Amazon ones)
* PushBullet (only with a paid PushBullet account)
* SMS Text Message (you need a paid subscription to the supported SMS service; read the documentation)
* Email
* Fixed Code (ONLY FOR DEMONSTRATION - this is the same as using a password; don't use on production sites)

This extension is brought to you by the same people who wrote Joomla's Two Factor Authentication feature. It is currently used on hundreds of sites by a combined user base in the several dozen thousands.

Functionality
Great , i use email + google authentication
Ease of use
Very easy
Support
Very good
Documentation
Very good
I used this to: we are company selling joomla extensions , and we want to secure our joomla users more.
Functionality
With this extension, you can have a Two Step Verification with many systems :
YubiKey, Authenticator App, U2F, Pushbullet, SMS Text Message.
Ease of use
Simple
Support
Support for this extension never used, Never used but the Akeeba site have a very good support for my other akeeba extensions.
Documentation
Ok
I used this to: My site.
I prefer to use The Yukey extension because i can choose between "front only", "backend only" or Both for The "site section" parameter.
Akeeba Backup
Free

Akeeba Backup

By Akeeba Ltd
Site Security
Akeeba Backup Core is the most widely used open-source backup component for the Joomla! CMS. Its mission is simple: create a site backup that can be restored on any Joomla!-capable server, making it ideal not only for backups but also for site transfers or even deploying sites to your clients' servers. Akeeba Backup creates a full backup of your site in a single archive. The archive contains all t...
Admin Tools Professional
Paid download

Admin Tools Professional

By Akeeba Ltd
Site Security
From the makers of Akeeba Backup Core/Professional and Admin Tools Core, this is the enhanced release of Admin Tools, available on a subscription basis. On top of what Admin Tools Core already offers, Admin Tools Professional has these exclusive features: - Security tightening .htaccess (Apache), nginx.conf (NginX) and web.config (IIS) file generator with a simple yet powerful user interface - Res...
Admin Tools
Free

Admin Tools

By Akeeba Ltd
Site Security
Admin Tools is a true Swiss Army knife for your site. Our freely available Admin Tools Core will detect, notify you about new Joomla! releases, fix your files' and directories' permissions, protect your administrator directory with a password, change your database prefix, migrate links pointing to your old domain on-the-fly and perform database maintenance, all with a single click. Written and ma...
Akeeba SocialLogin
Free

Akeeba SocialLogin

By Akeeba Ltd
Site Access
Allow your users to log in with their social media profile (Facebook, Twitter etc) IMPORTANT: NO LONGER MAINTAINED. We DO NOT actively maintain this extension anymore. The rate at which social networks implement breaking changes we cannot address (bar with a massive rewrite every 3 months or so) make it a bad business idea relying on social networks for account creation and logging into your sit...

Akeeba LoginGuard

Version:
3.2.0
Developer:
Akeeba Ltd
Last updated:
May 13 2019
Date added:
Mar 06 2018
License:
GPLv2 or later
Type:
Free download
Includes:
c p
Compatibility:
3
Download

Uses Joomla! Update System

Score:


Write a review