Multi-factor authentication

Administration tool ::: tool_mfa
Maintained by Catalyst IT, Brendan Heywood, Peter Burnett, Mikhail Golenkov
This is a Moodle plugin which adds Multi-Factor authentication (MFA), also known as Two-factor authentication (2FA) on top of your existing chosen authentication plugins. https://en.wikipedia.org/wiki/Multi-factor_authentication
Latest release:
1169 sites
1k downloads
36 fans
Current versions available: 2
Download

This is a Moodle plugin which adds Multi-Factor authentication (MFA), also known as Two-factor authentication (2FA) on top of your existing chosen authentication plugins.

https://en.wikipedia.org/wiki/Multi-factor_authentication

Why another MFA plugin for Moodle?

There are other 2FA plugins for moodle such as:

https://moodle.org/plugins/auth_a2fa

This one is different because it is NOT a Moodle authentication plugin. It leverages new API's that Catalyst specifically implemented in Moodle Core to enable plugins to augment the login process instead of replacing it. This means that this MFA plugin can be added on top of any other authentication plugin resulting in a much cleaner architecture, and it means you can compose a solution that does everything you need instead of compromising by swapping out the entire login flow.

See this tracker and the dev docs for more info:

https://tracker.moodle.org/browse/MDL-66173

https://docs.moodle.org/dev/Login_callbacks

The other major difference is that we support multiple authentication factor types as sub plugins, eg IP Range, Email, TOTP, WebAuthn / FIDO2 and in future others such as SMS or hardware tokens or anything else as new sub-plugins. They can be flexible configured so that different combinations of factors are considered enough.

Flexible configuration

The MFA has multiple sub-plugins for each type of factor. Different factors can be combined and checked in a specific order. See the plugin readme for the full details:

https://github.com/catalyst/moodle-tool_mfa/#configuration

For more information, consult the readme:

https://github.com/catalyst/moodle-tool_mfa/

Warm thanks

Thanks to Swissbit for sponsoring the work to add WebAuthn / FIDO2 support to this plugin.

Useful links

More documentation on this plugin
Source control URL
Bug tracker

Screenshots

Screenshot #0
Screenshot #1
Screenshot #2
Screenshot #3
Screenshot #4
Screenshot #5

Contributors

Catalyst IT (Lead maintainer)
View other contributions
Brendan Heywood: Solutions Architect
View other contributions
Peter Burnett: Developer
View other contributions
Mikhail Golenkov: Developer
View other contributions
Please login to view contributors details and/or to contact them

Awards

Automated testing support
Automated testing support
Privacy friendly
Privacy friendly
Moodle Workplace ready
Moodle Workplace ready
Early bird 4.1
Early bird 4.1

Comments RSS

Comments

  • Mohamed Atia
    Mohamed Atia
    Wed, 14 Jul 2021, 3:56 PM
    it looks like updating to the version in Github fixed the issue for the login as it is recent than the one here in Moodle plugins; but in the user preferences admin/tool/mfa/user_preferences.php the issue still exists and gives the error below

    Coding error detected, it must be fixed by a programmer: page layout file [dirroot]/theme/edumy/layout/columns2.php does not contain the main content placeholder, please include "<?php echo $OUTPUT->main_content() ?>" in theme layout file.
  • Alain Raap
    Alain Raap
    Fri, 30 Jul 2021, 8:47 PM
    I have a question about the "Role factor". Is it possible to force several roles like teachers and admins to use TOTP as authentication method and make it optional for students?
  • Alain Raap
    Alain Raap
    Wed, 8 Sep 2021, 9:45 PM
    Will there be a new version published here of the tool_mfa plugin? The version on Github is more recent than the latest version on this page.
  • Peter Moodle
    Peter Moodle
    Wed, 12 Jan 2022, 9:54 PM
    Hi guys,

    We have built a custom theme for Moodle for a customer and are using this plugin in concert with that. It as been working very well so far.

    However, due to our own custom theme and the upcoming 2022/2023 Moodle 4.0 changes to the theme, we are trying to anticipate any extra work we'll have to charge due to this update.

    Because it seemed wise to take the plugins we use into account as well, I'd like to ask you wether they anticipate any trouble with the upcoming Moodle version in the context of this plugin? How fast can we expect an update? Anything we can do ourselves?

    We know it's fairly early, but this client is a very big and bureaucratic one, and any and all information will be useful to us.

    I also thought it might be good to start a general Moodle 4.0 megathread for the (undoubtedly volumous) questions that will appear.
  • Chris Young
    Chris Young
    Mon, 17 Jan 2022, 8:10 PM
    Hi folks quick-fire question has this been tested with M3.10 / M3.11? Cheers!
  • Peter Burnett
    Peter Burnett
    Tue, 18 Jan 2022, 6:00 AM
    Hi Chris. This plugin shouldn't have any issues running on M3.10 or 3.11. Our integration CI runs on those versions and all tests are passing, and we are not aware of any breaking API changes in those versions.
  • Peter Burnett
    Peter Burnett
    Tue, 18 Jan 2022, 6:02 AM
    Hi Peter, Similar to the above comment, we do not anticipate many issues with 4.0 and this plugin, as the core API's have not yet had any breaking changes to cause issues in the plugin, so at this point any work needed should be minimal if any.
  • Razi Moon
    Razi Moon
    Fri, 28 Jan 2022, 3:33 AM
    Hi Guys, I enable email factor for admin and I did not receive a code in my email. Now I cant login my admin account. Please help me..
  • Peter Burnett
    Peter Burnett
    Fri, 28 Jan 2022, 6:33 AM
    Hi Razi, can you please move this discussion over to the github issue board for the plugin, so we can more easily help you.
  • Peter Burnett
    Peter Burnett
    Fri, 28 Jan 2022, 6:33 AM
    https://github.com/catalyst/moodle-tool_mfa/issues
  • Razi Moon
    Razi Moon
    Fri, 28 Jan 2022, 2:18 PM
    Noted Peter, Thanks!!
  • Ey Marieb
    Ey Marieb
    Thu, 10 Mar 2022, 2:56 PM
    Hi all, this is a great plugin that we wanted to try with SMS and I saw on the documentation that there is the SMS factor. However when I tried to install it there is no SMS Factor settings at all. Is there something I'm missing? I only got these factors when I installed : factor_admin, factor_auth, factor_email, factor_grace, factor_iprange, factor_nosetup, factor_secq, factor_totp.



  • Mikhail Golenkov
    Mikhail Golenkov
    Thu, 10 Mar 2022, 4:29 PM
    Hi Ey Marieb. It seems like the plugin package hasn't been updated here for a while. Please refer to https://github.com/catalyst/moodle-tool_mfa for the latest plugin version. Cheers.
  • John Percival
    John Percival
    Thu, 16 Jun 2022, 4:31 AM
    @Mikhail Golenkov, please can I put in a request for the package to be updated on this page when it is considered suitably stable? I'd rather not go digging into github if I can avoid it, but would rather trust the dev to tell me when the code is ready to be packaged up and available to users, especially with a high-risk plugin for authentication. Thanks!
  • Mikhail Golenkov
    Mikhail Golenkov
    Mon, 20 Jun 2022, 9:33 AM
    Hi @John Percival,

    Catalyst develops and maintains a large number of plugins and we don't rely on the moodle.org plugins database for deploying code internally (we use git) so we don't regularly publish the latest versions of our plugins to the plugins database. The best place to find the latest versions of all our plugins will always be the git repository for those plugins.

    We are slowly rolling out a process to auto-deploy updates to the moodle.org plugins database for our plugins to help organisations that rely on the plugins database but this hasn't yet been added to our tool_mfa plugin.

    Kind regards,
    Mikhail
Please login to post comments