Contributions made by Brendan Heywood 
auth_enrolkey
This auth plugin combines the best of both email based signup and self enrolment keys into a streamlined process making it much faster for students to get into a course. For the student it saves around 9-10 clicks and avoids context switching between a browser and their email client where they can become easily become disengaged or run into issues if their email is unavailable.
Latest release: 497 sites 197 downloads 57
auth_userkey
Log in to Moodle using one time user key based login URL. Auth plugin for organising simple SSO (single sign on) between moodle and your external web application.
Latest release: 894 sites 372 downloads 45
tool_lockstats
A lock statistics admin tool, specifically tailored to report on cron task timings.
This tool exposes which tasks are currently running and where, and also shows a detailed history of how long each task has taken in the past.
Latest release: 138 sites 30 downloads 32
local_envbar
Warn users with a notification block across the top of the screen when you're browsing a non-production server like staging or a local development box.
Latest release: 149 sites 23 downloads 17
local_csp
This plugin allows an admin to create a Custom Security Policy (CSP) in both reporting mode and enforcing mode. A simple use case is to detect and cleanup issues with non secure content after a migration from http to https, through to advanced policies to mitigate from XSS attacks.
Latest release: 235 sites 104 downloads 11
tool_heartbeat
A load balancer heartbeat / health checker url, and also a configurable nagios compliant cron health checker.
This should work out of the box with most load balancers, eg Amazon ELB, F5, HA proxy etc as most of these simply check the http status for 200 or non-200 response codes.
Latest release: 606 sites 57 downloads 10
tool_mfa
This is a Moodle plugin which adds Multi-Factor authentication (MFA), also known as Two-factor authentication (2FA) on top of your existing chosen authentication plugins.
https://en.wikipedia.org/wiki/Multi-factor_authentication
Latest release: 234 sites 184 downloads 9
tool_passwordvalidator
A tool for enforcing various security standards and guidelines for passwords for Moodle. This plugin aims for compliance with the Australian Information Security Manual (currently May 2019), and above that, the NIST standards from the document 800-63B. Many of the controls are optional and user configurable, with the most safe values set by default, but allow for great customization for any configuration, while enforcing safe, sensible guidelines for passwords.
This password checks also include securely testing for potentially compromised passwords using:
https://haveibeenpwned.com/
Latest release: 18 sites 26 downloads 7
tool_securityquestions
This plugin adds a framework for adding and enforcing security questions for users to perform a password reset. Currently it only operates on the Moodle Core 'Forgot Password' page, however it is easily extensible to other forms.
NOTE: This plugin only has native compatability with Moodle 3.8. For Moodle 3.7, MDL-66173 must be cherry-picked to allow the plugin to interact with Moodle. See Readme for more detailed instructions
Latest release: 30 sites 25 downloads 4
block_cqumymoodle
Allows staff and students to see enrolments they have in external systems (or other Moodle's). This was predominately created to allow links between archived and separated instances of Moodle, but keep the separation hidden to the users. Handy if you also have single-sign on between the systems, as it allows them to jump to external courses without having to login again.
Latest release: 3 sites 14 downloads 3
tool_abconfig
A way to A/B test config, or slowly turn on config for certain audiences or % of traffic.
Latest release: 7 sites 7 downloads 2
Supports Moodle 3.8
