Vdlp.TwoFactorAuthentication
This plugin adds Two Factor Authentication to the Backend of October CMS.
What makes this plugin better than others?
- Each Secret Key is stored encrypted.
- Actively Maintained by Van der Let & Partners (official October CMS partner).
- User Friendly UI.
- New features will be added frequently.
Supported Apps
- Authy for iOS, Android, Chrome, Mac OS
- FreeOTP for iOS, Android and Pebble
- Google Authenticator for iOS
- Google Authenticator for Android
- Google Authenticator (port) on Windows Store
- Microsoft Authenticator for Windows Phone
- LastPass Authenticator for iOS, Android, Mac OS, Windows
- 1Password for iOS, Android, Mac OS, Windows
- Bitwarden for iOS, Android, Mac OS, Linux, Windows
Questions? Need help?
If you have any question about how to use this plugin, please don't hesitate to contact us at octobercms@vdlp.nl. We're happy to help you. You can also visit the support forum and drop your questions/issues there.
If you love this quality plugin as much as we do, please rate our plugin.
After installing the plugin, go to My Account to enable Two Factor Authentication.
Requirements
- October CMS 3.0 or higher
- PHP 8.0.2 or higher
Configuration
To configure this plugin execute the following command:
php artisan vendor:publish --provider="Vdlp\TwoFactorAuthentication\ServiceProvider" --tag="config"
This will create a config/twofactorauthentication.php file in your app where you can modify the configuration.
-
inIT
Found the plugin useful on 13 Aug, 2022
Install it, and enable 2FA for your backend account. As easy as it sounds. Great job!
-
Robert Mejlerö
Found the plugin not useful on 15 Sep, 2021
Doesnt work for latest October.
-
Van der Let & Partners author
Replied on 15 Sep, 2021
Hi Robert,
An update for this plugin is still in the works. Don't expect us to have an update available immediately since October CMS 2.1 (stable) is released not very long ago. We have a lot of plugins to manage, so it will take some time to test them all properly.
If you have purchased this plugin, I can provide you with a nightly build which will work with October CMS 2.x in the meantime.
Please contact us at octobercms [at] vdlp [dot] nl and we are happy to help you!
-
Maarten Machiels
Found the plugin useful on 30 Nov, 2020
Hi, we're gradually rolling out this plugin for all of our clients. It would be nice to be able to force users to set 2FA upon next login (maybe with a kind of grace period). Can you please let us know if this is in the roadmap for this plugin? Thanks in advance for your response.
-
Van der Let & Partners author
Replied on 2 Mar, 2021
Hi Maarten, thank you for reaching out to us. We have added this feature recently. We'd like to thank you for participating on testing this feature. It has now included since version 2.0.0. If anyone has ideas, suggestions or issues please contact us at octobercms [at] vdlp [dot] nl.
-
Ronny Skog
Found the plugin useful on 29 Mar, 2019
It works but for some reason I'm only able to add authentication to one of the two admin accounts.
-
Van der Let & Partners author
Replied on 1 Apr, 2019
Users must enable 2FA for themselves. Since v1.3 administrators are able to disable 2FA for users if they have lost their device or security code.
-
OFFLINE
Found the plugin useful on 27 Feb, 2019
Super easy plugin, does what it should, and is very easy to implement.
-
| 3.9.0 |
Change disabling 2FA of other backend users. Nov 30, 2023 |
|---|---|
| 3.8.0 |
Prevent unnecessary `Registering Intended Uri` logs to `/backend`. Sep 29, 2023 |
| 3.7.0 |
Several additions, improvements and fixes -- see CHANGELOG.md Jun 01, 2023 |
| 3.6.0 |
Improve redirection logic after successful verification. Mar 09, 2023 |
| 3.5.3 |
Update French translation. Feb 20, 2023 |
| 3.5.2 |
Security improvements -- see CHANGELOG.md Dec 16, 2022 |
| 3.5.1 |
Security improvements -- see CHANGELOG.md Dec 15, 2022 |
| 3.5.0 |
Improve UI for October CMS 3.x Nov 30, 2022 |
| 3.4.0 |
Maintenance release -- see CHANGELOG.md Sep 23, 2022 |
| 3.3.2 |
Fix redirect loop when accessing Sign In page when backend user is signed in. Jun 02, 2022 |
| 3.3.1 |
Fix implementation of backend.force_remember configuration. May 25, 2022 |
| 3.3.0 |
Add October CMS 3.x to supported versions. Apr 12, 2022 |
| 3.2.2 |
Fix reading logging_enabled configuration parameter. Feb 03, 2022 |
| 3.2.1 |
Fix form button types. Dec 10, 2021 |
| 3.2.0 |
Add configuration option for disabling logging. Dec 10, 2021 |
| 3.1.4 |
Replace usage of `cms.backendForceRemember` (OC 1.x) with `backend.force_remember` (OC 2.x) Nov 02, 2021 |
| 3.1.3 |
Fix missing usage of `force_all_super_users` configuration parameter. Oct 05, 2021 |
| 3.1.2 |
Fix redirects while intercepting login Sep 23, 2021 |
| 3.1.1 |
Extended logging and code improvements -- See CHANGELOG.md Sep 22, 2021 |
| 3.1.0 |
Drop support for October CMS 1.x Sep 20, 2021 |
| 3.0.0 |
!!! Add support for PHP 7.4 and higher Jul 13, 2021 |
| 2.0.2 |
Fixes typo in Configuraton section in README file. Mar 03, 2021 |
| 2.0.1 |
Fixes two important issues in authentication flow -- See CHANGELOG.md Feb 23, 2021 |
| 2.0.0 |
Add support for forcing 2FA set up after authentication -- See CHANGELOG.md Dec 31, 2020 |
| 1.5.1 |
Remove the autocomplete attribute from the OTP field. Prevents storing OTP in browser cache. Aug 18, 2020 |
| 1.5.0 |
Upgrade dependency `libaries pragmarx/google2fa` and `endroid/qr-code`. May 26, 2020 |
| 1.4.0 |
Fix redirect issue when cms.backendUri is empty. May 26, 2020 |
| 1.3.0 |
Allow disabling 2FA for users as superuser (superuser must have 2FA enabled). Jan 23, 2020 |
| 1.2.1 |
Fix issue with login screen not showing up Jun 21, 2019 |
| 1.2.0 |
Add 2FA column to user list Jan 18, 2019 |
| 1.1.1 |
Fix invalid method call Nov 07, 2018 |
| 1.1.0 |
Improve security by generating the QR-code on server (instead of Google Charts API). Nov 02, 2018 |
| 1.0.0 |
First version of Vdlp.TwoFactorAuthentication Oct 12, 2018 |