phpBB Two Factor Authentication

No screenshot
1.0.1 phpBB 3.3.1, 3.2.10
Released:
Wed Sep 30, 2020 3:01 pm
File size:
223.79 KiB
Validated for:
phpBB 3.3.1, 3.2.10
MD5 checksum:
550f6b2e09e8d5b748c978e105ddd530
Install directory:
ext/paul999/tfa
Dependencies:
ext-json, ext-openssl, marc1706/otp-authenticate, paul999/u2flib-server, paragonie/random_compat
Description
This extension adds support for the two factor authentication in your phpBB forum.
You can set several options within this extension:
  • Disable 2FA completly (Basicly disabling the extension!)
  • Do not require 2FA, but give it as option to users
  • Require 2FA for users with a_ permissions only, and only to login for the ACP
  • Require 2FA for users with a_ permissions only
  • Require 2FA for users with a_ or m_ permissions only
  • Require 2FA for all users
Depending on the choosen setting 2FA is required at registration (If a new user is registered), or a user is directly asked after login to update his profile with his key.

This extension currently supports the following types of two factor authentication:
  • U2F (See below)
  • TOTP (For example Google authenticator)
  • Backup keys
Requirements:
  • At least phpBB 3.2
  • openSSL (At least 1.0.0)
  • A secure connection (There are no specific requirements for the certificate. A self signed certicate will work as well as a extended validated certificate) if you want to use U2F
Limitations to U2F security keys
Due to limitations set by the U2F standard a secure connection is required. Currently, U2F is only supported in Google Chrome.
Ofcourse the user will also need a U2F compatible security key, for example from Yubico.
  • Revisions
    Version
    phpBB Version(s)