two-step verification

  1. XDinc

    Unmaintained [XTR] 2FA Verified Users 1.0.1

    Having a verification badge in the community, lets the people know on the platform that the user's account is authentic, notable, and active. What is meant by two-step verification? Two-step verification is an optional feature that adds more security to your user account. The verification...
  2. Wildcat Media

    Two-step verification (two-factor authentication) apps used with XenForo

    I am looking to compile a list of authenticator apps that work with XenForo, yet I haven't turned up such a list searching here in the forum or on Google. I've used Google Authenticator in the past, and currently use the Microsoft Authenticator (which I like more). I believe there are others...
  3. Wildcat Media

    XF 1.5 Two-step verification--how is the 30 day expiration saved?

    I have a staff member trying to use two-step verification. Despite ticking the 30-day "trust this device" option, the next login either hours or a day later always requires a new two-step code to be generated. What is used to save that 30-day expiration on a person's computer? Is this via a...
  4. I

    XF 2.1 Not remembering two-step verification sessions

    Hello, I have Cloudflare setup with my XenForo forum, with these settings enabled: AutoMinify: HTML, CSS, Javascript Rocket Loader: Enabled Browser Cache TTL: 30 minutes Security Level: Low Cache Level: Ignore Query String When a user logs in, and passes the two-step verification process (and...
  5. D

    XF 1.5 Two-Step Verification Code Not Being Sent

    Hi there, When trying to log in, I'm prompted for a two-step verification code. However, no code has been sent to my designated e-mail account as of late - thus, preventing me from logging in on my secondary account. I have tried disabling this feature with my main admin account under "General...
  6. F

    2FA: Remember device indefinitely

    I think having to re-authenticate every 30 days is a bit of a hassle, personally. Large services like Google and Facebook don't make me re-authenticate every 30 days, they permanently remember the browser unless cookies are cleared. Having the option to adjust the 30 day period to be longer...
  7. jflory7

    XF 1.5 2FA key cannot be scanned, entered manually - then stopped working?!

    Hello, Today, my 30 days finally expired on my login using my 2FA key. When I was initially setting up my 2FA authentication, my phone could not scan the QR code on my screen to add it (I am using Authy over Google Authenticator). This was strange, seeing as it worked here on the XF Forums, but...
  8. R

    Lack of interest 2FA: Separate 'device trusting' for forum and ACP login

    It would be nice if the option 'trust this device for 30 days' would differentiate between the forum login and the ACP login. E.g. many times you just want to have a quick look at the forum, but you always have to enter the 2FA code. There you can use the option to trust the actual device for 30...
  9. Allan

    Unmaintained Disable Two-Step Verification (config.php)

    I often work on several local installation at home, and this verification was returned each login :mad: (even with the permission to NO) So here's a way to stop Two-Step Verification ;) In /library/config.php/, after <?php, add: $config['enableTfa'] = false; _______________________________...
  10. R

    Deactivating 2FA is too easy

    Let's take the following scenario: An attacker has gained access to the users password and one of these requirements: he has access to the device where the user selected 'remember this device for 30 days' or he can somehow bypass the login 2FA, because the user has selected 'remember this...
  11. R

    1.5: Documentation for two step authentication?

    Mike said in his post about the new 2FA in XenForo: Are there any more details about this? Or will there be? I mean is there any documentation or example implementation of this? Or is planned that there will be one released? Are there any special APIs at all?
  12. BassMan

    [cXF] Remove Two-Step Verification

    BassMan submitted a new resource: Remove Two-Step Verification - This add-on visually removes two-step verification feature. Read more about this resource...
  13. BassMan

    Unmaintained [cXF] Remove Two-Step Verification 1.0.0

    Description: With this simple add-on you can visually remove Two-Step Verification feature. Note: Two-Step Verification is a security improvement from XenForo, but if you don't want it on your forum, you can remove it by installing this add-on. Before you decide, maybe read those threads: XF...
Top Bottom