Admin tools: Security Questions

tool_securityquestions
Maintained by Picture of Catalyst ITCatalyst IT, Picture of Peter BurnettPeter Burnett, Picture of Brendan HeywoodBrendan Heywood
This plugin adds a framework for adding and enforcing security questions for users to perform a password reset. Currently it only operates on the Moodle Core 'Forgot Password' page, however it is easily extensible to other forms. NOTE: This plugin only has native compatability with Moodle 3.8. For Moodle 3.7, MDL-66173 must be cherry-picked to allow the plugin to interact with Moodle. See Readme for more detailed instructions
22 sites
23 downloads
4 fans
Current versions available: 1
This plugin adds a framework for adding and enforcing security questions for users to perform a password reset. Currently it only operates on the Moodle Core 'Forgot Password' page, however it is easily extensible to other forms.

NOTE: This plugin only has native compatability with Moodle 3.8. For Moodle 3.7, MDL-66173 must be cherry-picked to allow the plugin to interact with Moodle. See Readme for more detailed instructions.

For further information, consult the Readme file

Screenshots

Screenshot #0
Screenshot #1
Screenshot #2
Screenshot #3
Screenshot #4
Screenshot #5
Screenshot #6
Screenshot #7
Screenshot #8

Contributors

Picture of Catalyst IT
Catalyst IT (Lead maintainer)
Picture of Peter Burnett
Peter Burnett: Developer
Picture of Brendan Heywood
Brendan Heywood: Solutions Architect
Please login to view contributors details and/or to contact them

Comments RSS

Show comments
  • Picture of Plugins bot
    Tue, Oct 29, 2019, 9:30 AM
    Approval issue created: CONTRIB-7886
  • Picture of Scott Starkweather
    Sat, Apr 18, 2020, 12:01 AM
    Documentation states that this plugin is easily extensible to other forms--but how?
  • Picture of Martin Lechner
    Sun, Apr 19, 2020, 10:06 PM
    ^ Same question need to integrade on login, like 2FA, but how?
  • Picture of Olaf Nöhring
    Wed, Sep 16, 2020, 6:09 PM
    Hi,
    just did a complete first translation to German. I notice, that still english occurs (hardcoded probably):

    a) When a users needs to set questions: "It is required that you answer a minimum of 3 security questions."

    b) in https://mysite/admin/category.php?category=securityquestions :

    "Lockout tier settings
    These settings allow you to add lockout tiers to Security Questions. Leave these settings as 0 to disable lockout tiers. If these settings are set, when a user triggers a lockout, they will instead be allowed to attempt security questions again after the duration specified for the tier. When a user triggers a lockout, they will move up a lockout tier. Lockouts will automatically be cleared after the duration specified in the lockoutexpiryduration control, if it is not set to 0.

    Lockout tier one duration
    tool_securityquestions | tieroneduration

    Length of time during a tier one lockout where a user cannot reattempt security questions.

    Lockout tier two duration
    tool_securityquestions | tiertwoduration


    Length of time during a tier two lockout where a user cannot reattempt security questions.

    Lockout reset reset time
    tool_securityquestions | lockoutexpiryduration

    Length of time with no failed attempts before lockout is automatically cleared. Set to 0 to keep accounts locked until administrator reset."

    c) also strange: in https://mysite/admin/tool/securityquestions/set_questions.php a translation is not really translated. In the heading where it reads if active/unactive - the parameter still shows up:
    Aktiv - {$ a} zusätzliche Fragen erforderlich.

    same in https://mysite/admin/tool/securityquestions/set_responses.php
    Dauer der Nachfrist: {$ a}


    Olaf
Please login to post comments