Multi-Factor Authentication is the practice of adding an extra authentication step - often requiring use of a separate device such as a smartphone. What this means for you is that even if your login credentials are somehow obtained by a third party, they still would not be able to log in without also obtaining your MFA device. Multi-Factor Authentication is essentially to any website owner who values site security.
Logging In with MFA
Setup Instructions
- In the backend, go to My Account in the top right.
- Check the Use Multi-Factor Authentication? checkbox.
- Generate an MFA Secret and scan the generated barcode using Google Authenticator (Android, iPhone).
- Enter two security questions and answers - these will be used when you don't have access to your phone.
- Click Save at the bottom of the form.
Once set up, Google Authenticator will display a continually changing set of 6 digits. When you next log in, you'll need to enter the currently showing number.
For Extra Security
- In the backend, go to Settings - Multi-Factor Authentication
- Check Require MFA for all administrators?
This option will restrict new or existing administrators who haven't yet enabled MFA to the My Account section of admin until they set it up.
-
creg
Found the plugin useful on 31 May, 2019
A useful plugin - it does what it's supposed to do.
-
Paul Grafx
Found the plugin useful on 29 Sep, 2018
Very easy setup and the support was ultra quick.
If you want a way to add extra security to your website admin access then this is it... with a little help from google authenticator.
Very happy with purchase.
-
1.0.16 |
Minor bug fix for warning generated on first plugin installation Sep 18, 2019 |
---|---|
1.0.15 |
Fix error when saving profiles that haven't had MFA set up yet Aug 01, 2019 |
1.0.14 |
Use a version of google-authenticator compatible with October's minimum PHP version Aug 01, 2019 |
1.0.13 |
Revert dependency updates due to issues with capitsalisation and PHP version Jun 01, 2019 |
1.0.12 |
Compatibility with v455, update dependencies May 28, 2019 |
1.0.11 |
Fix error messages when inputting incorrect MFA codes Feb 14, 2019 |
1.0.10 |
Security fix Jan 17, 2019 |
1.0.9 |
Added settings page with option to force MFA for all administrators Jan 17, 2019 |
1.0.8 |
Super admins can now modify MFA settings of other admins Jan 16, 2019 |
1.0.7 |
Fix the make_user_fields_nullable migration for new installations with DB prefixes Sep 29, 2018 |
1.0.6 |
Deprecated method call fix Oct 22, 2017 |
1.0.5 |
Case sensitivity fix Oct 15, 2017 |
1.0.4 |
Make user fields nullable Sep 29, 2016 |
1.0.3 |
Rainlab.User bug fix Oct 02, 2015 |
1.0.2 |
Compatibility with v204 Sep 14, 2015 |
1.0.1 |
Initialize plugin. Apr 24, 2015 |