Since 2009

[New Product] SMFPacks Two Factor Authentication

Discussion started on Main News


Two-factor authentication provides an additional layer on login to reinforce security on your website!

Additional protection for accounts!
With two factor authentication your users will be able to protect their accounts with their password and cell phone/email! Your password could be stolen with any of the following actions:

  • Using the same password in more than one site.
  • Donwnloading software in your cell phone or pc.
  • Making a click in an email.

How it works?
The process to login will be a little bit different:
1. Add your password.
Everytime you login you must enter your password (just like before).
2. Something else is required.
After login a code will be sent to either your mobile phone or your email, this code will be required to complete login!

One step login on known computers
While users are doing login they can choose to not ask two-step verification on that computer for the next 30 days! Security maintains as when another PC tries to use the account, the two-factor authentication step will be required!

How it protect accounts?
If a hacker gains access to that password he's going to need your cell phone or your email address to use their account. Two factor authentication accounts are protected with something you know (password) and something you have (email/cell phone).

Are codes secure?
Codes are created specifically for your accounts right when you need them, if you decide to use two-factor authentication, they are sent to your cell phone or email address. Each code can be used only once!

Simple configuration!
Installation is quick and easy, and configuration can be done with a simple selection as this mod provides four states: disabled, enabled, enabled and required for certain membergroups, enabled and required for every user!


Force 2FA for certain membergroups
If selected, you can force certain membergroups (like staff members) to use 2FA! This is extremelly useful to prevent powerful accounts in your website to be wrongly used by hackers!

Mobile Phone layer

To receive authentication codes via a phone app, users must first install a code-generating app such as Authy or Google Authenticator on their phone. Then simply scanning the QR code provided they'll have their accounts secure!

Email Codes are supported too!

In case users don't have an smartphone they'll be able to receive generated codes via email, giving them a similar protection without depending on a specific device! Keep in mind that mobile phone is much more secure and is recommended over this method!

Backup codes keeps them connected!
When two factor authentication is activated, a backup code is automatically generated as an alternative method to login, in case they lost access to their cell phone or email they'll be able to login using this code which can only be used once!

Which apps are compatible?

#1 - June 06, 2016, 07:38:47 PM
« Last Edit: June 07, 2016, 11:29:23 AM by NIBOGO »
  • Like


0 Members and 1 Guest are viewing this topic.

Share via delicious Share via digg Share via facebook Share via linkedin Share via pinterest Share via reddit Share via stumble Share via tumblr Share via twitter