Support

Admin Tools

#25573 Tho phases authenticatation

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by GSommaruga on Monday, 11 July 2016 11:24 CDT

GSommaruga
 I want some clarification and some suggestions for authentic management in two phases.
For some users, I can leave the standard authentication?
How do I manage the temporary access of the technicians who occasionally give me external support?
What happens if I do not have the smartphone where to send the code?

Thanks in advance.

nicholas
Akeeba Staff
Manager
Hello Giorgio,

Admin Tools no longer supports Two Factor Authentication (2FA). I contributed this feature to Joomla! 3.2 a few years ago and subsequently removed it from Admin Tools. In fact, the code I submitted to Joomla is MUCH more flexible than what we had in Admin Tools. That's the benefit of having 2FA integrated with Joomla itself instead of an add-on solution :)

The Two Factor Authentication in Joomla! can be enabled per user and is opt-in (they have to enable it themselves). Users who do not have 2FA enabled will just need to leave the Secret Key field empty when logging in. Having that in mind all your questions are easy to answer.

For some users, I can leave the standard authentication?


Yes. 2FA is per user and opt-in, meaning that if the user himself does not activate it then 2FA is NOT active on their user account.

How do I manage the temporary access of the technicians who occasionally give me external support?


Like you should have always been doing that: create a temporary user for them. You just don't enable 2FA on that account. When they're done just delete their account.

What happens if I do not have the smartphone where to send the code?


When you enable 2FA you also get ten One Time Emergency Passwords (OTEPs). Keep a printout of them in your wallet. If you desperately need to log in to your site put one of the OTEPs in the Secret Key field and cross it out of the list (it cannot be used again; it's "burned"). Then go to your user settings and disable 2FA for your user account, save the user account and now you'll be able to set up 2FA again.

Alternatively, use a solution like Authy which lets you have the 2FA code generation on multiple devices and your browser itself. You can, for example, run Authy on your smartphone, tablet and (as a Google Chrome App) on your laptop and desktop. All of your devices automatically sync with each other, making it very easy to never get locked out of your site again when using 2FA.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

GSommaruga
You were very clear and exhaustive.
Thank you very much.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!