Moodle plugins directory: Multi-factor authentication | Moodle.org
Multi-factor authentication
This is a Moodle plugin which adds Multi-Factor authentication (MFA), also known as Two-factor authentication (2FA) on top of your existing chosen authentication plugins.
https://en.wikipedia.org/wiki/Multi-factor_authentication
Why another MFA plugin for Moodle?
There are other 2FA plugins for moodle such as:
https://moodle.org/plugins/auth_a2fa
This one is different because it is NOT a Moodle authentication plugin. It leverages new API's that Catalyst specifically implemented in Moodle Core to enable plugins to augment the login process instead of replacing it. This means that this MFA plugin can be added on top of any other authentication plugin resulting in a much cleaner architecture, and it means you can compose a solution that does everything you need instead of compromising by swapping out the entire login flow.
See this tracker and the dev docs for more info:
https://tracker.moodle.org/browse/MDL-66173
https://docs.moodle.org/dev/Login_callbacks
The other major difference is that we support multiple authentication factor types as sub plugins, eg IP Range, Email, TOTP, WebAuthn / FIDO2 and in future others such as SMS or hardware tokens or anything else as new sub-plugins. They can be flexible configured so that different combinations of factors are considered enough.
Flexible configuration
The MFA has multiple sub-plugins for each type of factor. Different factors can be combined and checked in a specific order. See the plugin readme for the full details:
https://github.com/catalyst/moodle-tool_mfa/#configuration
For more information, consult the readme:
https://github.com/catalyst/moodle-tool_mfa/
Warm thanks
Thanks to Swissbit for sponsoring the work to add WebAuthn / FIDO2 support to this plugin.
Coding error detected, it must be fixed by a programmer: page layout file [dirroot]/theme/edumy/layout/columns2.php does not contain the main content placeholder, please include "<?php echo $OUTPUT->main_content() ?>" in theme layout file.
We have built a custom theme for Moodle for a customer and are using this plugin in concert with that. It as been working very well so far.
However, due to our own custom theme and the upcoming 2022/2023 Moodle 4.0 changes to the theme, we are trying to anticipate any extra work we'll have to charge due to this update.
Because it seemed wise to take the plugins we use into account as well, I'd like to ask you wether they anticipate any trouble with the upcoming Moodle version in the context of this plugin? How fast can we expect an update? Anything we can do ourselves?
We know it's fairly early, but this client is a very big and bureaucratic one, and any and all information will be useful to us.
I also thought it might be good to start a general Moodle 4.0 megathread for the (undoubtedly volumous) questions that will appear.
Catalyst develops and maintains a large number of plugins and we don't rely on the moodle.org plugins database for deploying code internally (we use git) so we don't regularly publish the latest versions of our plugins to the plugins database. The best place to find the latest versions of all our plugins will always be the git repository for those plugins.
We are slowly rolling out a process to auto-deploy updates to the moodle.org plugins database for our plugins to help organisations that rely on the plugins database but this hasn't yet been added to our tool_mfa plugin.
Kind regards,
Mikhail