We use cookies to improve your experience. No personal information is gathered and we don't serve ads. Cookies Policy.

ExpressionEngine Logo ExpressionEngine
Features Pricing Support Find A Developer
Partners Upgrades
Blog Add-Ons Learn
Docs Forums University
Log In or Sign Up
Log In Sign Up
ExpressionEngine Logo
Features Pro new Support Find A Developer
Partners Upgrades
Blog Add-Ons Learn
Docs Forums University Blog
  • Home
  • Add-Ons
default app icon

JCOGS One-Time Passwords

By JCOGS Design
Security
Description

Two Factor Authentication for EE6 and EE7

  • Enter OTPs as integral part of login process
  • Use QR code to configure Authenticator Apps
  • Or choose to have OTPs sent by email
  • Either method is validated before being activated
  • Useful messages added to login window
  • Easy to use CP settings panels
  • Basic Email Settings screen

JCOGS OTP modifies the EE log in process to require a user to enter a six-digit “One-Time Password” in addition to their regular log in credentials; the six-digit code is generated algorithmically from a sixteen character key linked to the user’s account.

Use standard authenticator apps

JCOGS OTP implements the IETF RFC4226 standard for OTP codes, which means the required codes can be generated by most standard “Authenticator apps”.

Or send OTP codes by email

JCOGS OTP supports the sending of the OTP code to the member by email. If the user chooses this option the email is sent automatically during the login process.

Coming soon… SMS support

A later version will add support for the sending of a user’s OTP code by SMS (and possibly other messaging platforms).

Easy to configure

JCOGS OTP uses the Member Roles system introduced in EE6 to control which site members have access to OTP, and to set whether access for a role group is optional or mandatory.


Easy Installation

Copy the jcogs_otp folder to your system/user/addons folder and then install from the ExpressionEngine Control Panel Add-ons page.


Configuration options

Enable or disable OTP - Does what it says on the tin…

Member Role where OTP Use is Required - Choose a member role for which use of OTP will be required. If the members you want to be required to use OTP do not match a current role group perfectly, simply create a new member role and associate them with that new Role.

Member Role where OTP Use is Optional - Choose a member role for which use of OTP will be optional. If the members you want to be required to use OTP do not match a current role group perfectly, simply create a new member role and associate them with that new Role.

Enable sending of OTPs by email - Does what it says on the tin…

Name of Email Sender - Choose the name for the email sender that will be shown when OTP code email arrives.

Email Address of Email Sender - Choose the sender’s email address for the OTP code email.

Advanced Email Options

Subject line for OTP emails - The subject line of emails sent by JCOGS OTP always begins with the Site Label followed by whatever text is specified here. By default this additional text is set to “One-Time Password”.

Email preamble - A paragraph of text that is included in the OTP code email immediately before the line containing the OTP code itself. By default this left blank.

OTP Code Prefix - Text that will immediately preceed the OTP code in the email. By default it is set to “Your OTP Code: “.

Email Closing - A paragraph of text that is included in the OTP code email immediately after the line containing the OTP code itself. By default this left blank.

Change email Reply-To settings

Allows you to specify an email account to which replies to the OTP email should be directed. If this is not specified then most email systems will direct the reply to the email address given for the sender.

Name of Reply-To Account - Choose the name for the email sender that will be shown when OTP code email arrives.

Email Address of Email Sender - Choose the sender’s email address for the OTP code email.


Usage notes

Resetting the OTP Key
Each member is assigned a unique key that is used to generate and validate the OTP codes. There are three ways in which this code can be reset:

  • If the member’s EE login password is changed for any reason (forced, they request etc.);
  • If the member enters invalid OTP codes more than three times in a row;
  • If the member opts to change the mode of OTP delivery (e.g. from email to authenticator).

Support

Support is available from JCOGS Design via email sent to otp_addon@jcogs.net or via @JCOGS Design the EE Slack discussion area.

Information
Version 1.0.7
Last Update 3 weeks ago
Compatibility EE 7, 6
License
Links
  • Documentation
  • Change Log
  • Support
ExpressionEngine Home Features Pro Contact Version Support
Learn Docs University Forums
Resources Support Add-Ons Partners Blog
Privacy Terms Trademark Use License

Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.