Promotions

  • Advanced Professional Gantt Dolibarr

    Would you like to see your project evolve in an efficient and structured way? The Gantt Professional Advanced Module allows you to manage all your projects in one place, without the need to use Gantt Project. We believe that you can effectively manage your projects with the right tools in place, and the Gantt Professional Advanced Module is one of them.

    300.00 €  (600€)
  • RecurringEvent

    RecurringEvent manages event recurrence within Dolibarr, facilitating the automatic generation of recurring event series.

    75.00 €  (150€)

New products

  • Dolibarr Module: TakePos Gift Voucher

    The TakePos Gift Voucher module for Dolibarr ERP CRM is an innovative solution that allows you to easily manage gift vouchers directly from the TakePos point-of-sale interface. It provides full integration between business management and POS operations, enabling companies to offer gift vouchers while maintaining precise tracking of used and remaining balances.

    99.00 €
  • DES

    The D.E.S module adds new features to Dolibarr ERP/CRM. It was designed to help self-employed workers complete their European Service Declaration (DES) for French customs.

    FREE

MFA

mp20887d20260427122016

Multi-Factor Authentication module using TOTP-compatible authenticator applications such as Google Authenticator and Microsoft Authenticator.

FREE

Previous Next
  • Author CONCORDE De Conseil
  • Module version 1.1
  • Release date 04/27/2026
  • Access to download and updates Lifetime access
  • Compatibility Dolibarr V20+   -   PHP7.4 - 8.3
  • Last update 05/25/2026 10:38 PM

More info...

MFA (Multi-Factor Authentication) for Dolibarr

Overview

The MFA module by CONCORDE de Conseil introduces a robust security layer to your Dolibarr ERP & CRM. It requires users to provide a Time-Based One-Time Password (TOTP) from a mobile authenticator app after their standard password authentication.

⚠️ Critical Installation Step

To activate the module, you must update your configuration file. Edit conf/conf.php and ensure the authentication parameter includes mfa:

$dolibarr_main_authentication = 'mfa,dolibarr';

(Note: Keeping 'dolibarr' as a fallback is recommended during initial setup).

Key Features

  • Universal TOTP Support: Fully compatible with Google Authenticator, Microsoft Authenticator, Authy, FreeOTP, and other standard TOTP apps.

  • Seamless Enrollment: Instant user setup via QR code provisioning.

  • Dynamic MFA Challenges: Automatic MFA prompt during the login flow for all enabled users.

  • Self-Service User Interface: Users can easily set up, verify, and activate their own MFA from their User Card.

  • Advanced Admin Controls: * Monitor failed entry attempts with source IP logging.

    • Manual account unlock and state-reset actions for administrators.

  • Hardened Security: * Brute-Force Protection: Intelligent lockout handling after repeated invalid codes.

    • CSRF Protection: Secure state-change actions to prevent cross-site request forgery.

    • Persistent Tracking: Detailed logs of login and setup failures.

Customization

You can customize the appearance of the MFA interface by changing the gradient colors:

  1. Go to `Home > Setup > Modules/Applications`.
  2. Click the setup icon (cogwheel) next to the `MFA` module.
  3. Adjust the `Gradient start color` and `Gradient end color` as desired.
  4. Save the changes.

Technical Specifications

  • Compatibility: Seamlessly integrates with the native Dolibarr core authentication flow.

  • Architecture: 100% PHP; utilizes dedicated SQL tables for secure attempt tracking.

  • Structure: Standardized module path (htdocs/custom/mfa).

  • Languages: Fully localized in English (en_US), French (fr_FR), and Arabic (ar_SA).

Documentation

Complete documentation included:

  • Multi-lingual READMEs (EN, FR, AR).

  • Detailed ChangeLog and GPLv3 Licensing.

Credits & Legal

Copyright (C) 2026 CONCORDE de Conseil
Lead Developer: Ali WERGHEMMI

Web: https://www.concorde.tn

Support: contact@concorde.tn




If you think this module is a fork of another one (published after the first one) or violates some terms or conditions of use (for users or vendors), you can make a report at dolistore@dolibarr.org