Rewritten with Joomla 4 MVC. This version of Akeeba LoginGuard has been rewritten from scratch using the core Joomla 4 MVC and the Bootstrap 5 CSS framework in the backend. This version runs only on Joomla 4. It does not support Joomla 3 anymore.
WebAuthn now supports Windows Hello with a PIN, not just biometrics. We updated the WebAuthn code to now support Windows Hello using a PIN on computers with a TPM (Trusted Platform Module) on Windows 10 and 11. This makes two step verification easier and more secure, without the need for an external hardware authenticator.
You can edit the title of Authenticator app, Email, PushBullet, and Text Message methods without having to enter a six digit code. There was really no reason for this behavior. If anything, it was confusing to most users.
Removed U2F support. The legacy FIDO (U2F) two step verification method has been removed from LoginGuard. FIDO/U2F was the old standard for secure authentication which was realistically only supported on Google Chrome, partially by some versions of Firefox and required messing with development flags on Safari 12 and later. This standard has been superseded by FIDO2/WebAuthn and supported by all major browsers released since mid-2020.
You can no longer change the key ID of a Yubikey after configuring it for security reasons. In previous versions of Akeeba LoginGuard you could reconfigure a Yubikey (Yubico OTP) two step verification method at any time by entering a new, valid Yubico OTP. This could lead to problems, e.g. accidentally replacing your usual Yubikey with a different one, possibly locking yourself out of the site. If you want to change your Yubikey you need to add a new Yubikey authentication method and then delete the old one.
!--Bug fixes and minor improvements. Please take a look at the CHANGELOG below.
-->Please consult our Compatibility page. It explains our version support policy and lists which versions of our software are compatible with which versions of Joomla and PHP.