Skocz do zawartości
Zaloguj się, aby obserwować  
Invisionize.eu

[IPS Marketplace] Two-step Verification for IPS Community Suite

Polecane posty

Two-step Verification for IPS Community Suite

Two-step Verification app ads an extra layer of protection for user accounts at your IPS Community Suite  4.1. This method of user authentication is used by all major websites like Google, Facebook, Twitter, Microsoft and many other websites.

This method adds a second factor of user authentication, and allows users to access their accounts only if they 1) know their password, and 2) are able to provide a one-time password which is generated every 30 seconds by the Google Authenticator app. (Click for Android or iOS).

So how this method works for IPS Community Suite?

After installing the product, you can choose which groups are allowed to use this application. It has two settings per group, one for the front-end and one for the ACP.

00.png

Users who have either of the settings enabled will see a red shield logo in the top user navigation bar. It draws their attention and invites them to check the application.

01.png

Also they will have a link in the user drop-down menu that shows whether the protection is enabled or not.

02.png

These two additional links lead to the following page:

03.png

User can use Google Authenticator to scan the bar and then type the one-time password generated by GA to enable this protection for their accounts. User who successfully enable the protection will see this screen:

04.png

If desired, users can type the one-time password generated by GA to disable the protection.

The user drop-down menu will show the new protection state

08.png

From now on, after every successful login into the IPS Community Suite, the user will be faced with this form in the front-end, the form can't be avoided or averted, a one-time password is strictly required.

05.png

Or with this form in ACP

06.png

Uses can choose to trust the device for 30 days, during which they will not be asked to enter the one-time password again. Users can trust the device for the front-end or ACP separately. That means if you choose to trust the device on the front-end, you will be still asked to enter the OTP when you log into the ACP.

Finally, if a user for some reason loses their phone, they can reach to you to reset their 2-Step Verification credentials. You can do it in ACP in one click

07.png

You can also choose to force all admins to enable 2-Step Verification through settings.

09.png

If enabled, admins will see this error and they can't do anything in ACP:

10.png

We hope this application will add more security to your website. We recommend that you keep your server up-to-date with software and security fixes. Also make sure to install an SSL certificate, it's easy and free these days.

Pobierz plik

Udostępnij ten post


Link to postu
Udostępnij na innych stronach

Bądź aktywny! Zaloguj się lub utwórz konto

Tylko zarejestrowani użytkownicy mogą komentować zawartość tej strony

Zaloguj się, aby obserwować  

  • Kto przegląda   0 użytkowników

    Brak zalogowanych użytkowników przeglądających tę stronę.

×

Ważne informacje

Kontynuując przeglądanie strony, wyrażasz zgodę na używanie przez nas plików cookies.