
Multi-factor authentication
This is a Moodle plugin which adds Multi-Factor authentication (MFA), also known as Two-factor authentication (2FA) on top of your existing chosen authentication plugins.
https://en.wikipedia.org/wiki/Multi-factor_authentication
Why another MFA plugin for Moodle?
There are other 2FA plugins for moodle such as:
https://moodle.org/plugins/auth_a2fa
This one is different because it is NOT a Moodle authentication plugin. It leverages new API's that Catalyst specifically implemented in Moodle Core to enable plugins to augment the login process instead of replacing it. This means that this MFA plugin can be added on top of any other authentication plugin resulting in a much cleaner architecture, and it means you can compose a solution that does everything you need instead of compromising by swapping out the entire login flow.
See this tracker and the dev docs for more info:
https://tracker.moodle.org/browse/MDL-66173
https://docs.moodle.org/dev/Login_callbacks
The other major difference is that we support multiple authentication factor types as sub plugins, eg IP Range, Email, TOPT and in future others such as SMS or hardware tokens or anything else as new sub-plugins. They can be flexible configured so that different combinations of factors are considered enough.
Flexible Configuration
The MFA has multiple sub-plugins for each type of factor. Different factors can be combined and checked in a specific order. See the plugin readme for the full details:
https://github.com/catalyst/moodle-tool_mfa/#configuration
For more information, consult the readme:
i.e at http://yourdomain.tld/admin/tool/mfa/user_preferences.php
If you don't find it, mention you moodle version here please.
Yes, Moodle 3.9 is supported. The doc needs to be updated
Cheers
Coding error detected, it must be fixed by a programmer: page layout file [dirroot]/theme/edumy/layout/ccn_minimal.php does not contain the main content placeholder, please include "<?php echo $OUTPUT->main_content() ?>" in theme layout file.
"bigo soft
Sat, May 22, 2021, 5:12 PM
Using moodle 3.10. The plugin is installed. I do not see any option to setup the security questions for auth. How am I supposed to do that? The documents were of no help..."
I plan to install this plug-in for Moodle 3.10v and want to confirm it is a viable option before I run it? Does anyone have related experience to share?
The plugin should be compatible with version up to and including 3.11. While we have not internally deployed this plugin to any 3.10 or 3.11 sites internally, It has been validated by automated tools to work. Feel free to install and play with the plugin on 3.10, and reach out on github if you have any issues!
Thanks,
Peter
This seems to be a matter of MFA configuration. Grace period can be used to give other users some time to configure their Authenticator app. Also User capability and Role Factor can help to let some users pass MFA if they are not suppose to have Authenticator app. Please have a look at the doc to get more details on factors and how they can be used to get your target use case https://github.com/catalyst/moodle-tool_mfa#authentication-factors
Kind regards,
Mikhail
If a user self-registers, and confirms their account, they cannot log in the first time while MFA via SMS is required.
We are collecting the cellular number at registration, so the system knows what it is, but the number has not been validated yet, so it cannot be used. But the user cannot log in and validate it. A bit of a catch 22. What is the proper way to allow self-registration AND require SMS TOTP codes at the same time?