MFA

MFA (Multi-Factor Authentication) for Dolibarr

Overview

The MFA module by CONCORDE de Conseil introduces a robust security layer to your Dolibarr ERP & CRM. It requires users to provide a Time-Based One-Time Password (TOTP) from a mobile authenticator app after their standard password authentication.

⚠️ Critical Installation Step

To activate the module, you must update your configuration file. Edit conf/conf.php and ensure the authentication parameter includes mfa:

$dolibarr_main_authentication = 'mfa,dolibarr';

(Note: Keeping 'dolibarr' as a fallback is recommended during initial setup).

Key Features

• Universal TOTP Support: Fully compatible with Google Authenticator, Microsoft Authenticator, Authy, FreeOTP, and other standard TOTP apps.

• Seamless Enrollment: Instant user setup via QR code provisioning.

• Dynamic MFA Challenges: Automatic MFA prompt during the login flow for all enabled users.

• Self-Service User Interface: Users can easily set up, verify, and activate their own MFA from their User Card.

• Advanced Admin Controls: * Monitor failed entry attempts with source IP logging.

  • Manual account unlock and state-reset actions for administrators.

• Hardened Security: * Brute-Force Protection: Intelligent lockout handling after repeated invalid codes.

  • CSRF Protection: Secure state-change actions to prevent cross-site request forgery.

  • Persistent Tracking: Detailed logs of login and setup failures.

Customization

You can customize the appearance of the MFA interface by changing the gradient colors:

1. Go to `Home > Setup > Modules/Applications`.
2. Click the setup icon (cogwheel) next to the `MFA` module.
3. Adjust the `Gradient start color` and `Gradient end color` as desired.
4. Save the changes.

Technical Specifications

• Compatibility: Seamlessly integrates with the native Dolibarr core authentication flow.

• Architecture: 100% PHP; utilizes dedicated SQL tables for secure attempt tracking.

• Structure: Standardized module path (htdocs/custom/mfa).

• Languages: Fully localized in English (en_US), French (fr_FR), and Arabic (ar_SA).

Documentation

Complete documentation included:

• Multi-lingual READMEs (EN, FR, AR).

• Detailed ChangeLog and GPLv3 Licensing.

Credits & Legal

Copyright (C) 2026 CONCORDE de Conseil
Lead Developer: Ali WERGHEMMI

Web: https://www.concorde.tn

Support: contact@concorde.tn