Werbeaktionen

  • Advanced Notifier

    Our advanced notification module is designed to enhance the efficiency of your company by keeping you informed of events directly from your Dolibarr interface.

    125,00 €  (300€)
  • Fortgeschrittener professioneller Gantt Dolibarr

    Möchten Sie, dass sich Ihr Projekt effizient und strukturiert entwickelt? Mit dem Modul „Gantt Professional Advanced“ können Sie alle Ihre Projekte an einem Ort verwalten, ohne Gantt Project verwenden zu müssen. Wir glauben, dass Sie Ihre Projekte mit den richtigen Tools effektiv verwalten können, und das Gantt Professional Advanced Module ist eines davon.

    300,00 €  (600€)

Neue Produkte

  • UltimateLine 23.0

    Fügt automatisch Zusatzzeilen zu Angeboten, Bestellungen und Rechnungen hinzu, wenn eine Zeile hinzugefügt oder geändert wird. Mehrere Zeilen können verwaltet werden, abhängig von definierten Produkten oder Dienstleistungen, gemeinsam oder getrennt. Ideal zur Automatisierung von CO₂-Abgaben, Ökosteuern oder spezifischen Rabatten.

    66,67 €
  • NCS Bank Import Italy

    Universeller CSV-Import für italienische Banken (Intesa, UniCredit, Poste Italiane, Fineco etc.). Automatischer Rechnungsabgleich. 100% lokal, DSGVO-konform.

    69,00 €

Two-Factor Authentication Pro v6.0 — Multi-device, TOTP, WebAuthn/FIDO2, Backup codes

mp24503d20260401013009

The most complete two-factor authentication for Dolibarr. TOTP (Google Authenticator, Authy...), WebAuthn/FIDO2 (YubiKey, Touch ID, Windows Hello), backup codes, multi-device, AES-256 encryption, brute-force protection.

89,00 €
Netto

Previous Next
  • Autor Theo Pequignot
  • Modulversion 6.0.0
  • Veröffentlichungsdatum 01.04.2026
  • Zugriff auf Updates und Downloads 2 Jahre
  • So kontaktieren Sie den Support contact@theopequignot.fr
  • Kompatibilität Dolibarr V14 - V22   -   PHP7.4 - 8.4
  • Letztes Update 05.04.2026 16:37

Mehr Infos...

WHY THIS MODULE?

Two-factor authentication (2FA) has become essential to secure access to your ERP. A simple password is no longer enough. This module adds a robust layer of security to every Dolibarr login.

KEY FEATURES

Multi-method authentication
TOTP — 6-digit time-based codes (30s), compatible with Google Authenticator, Authy, Microsoft Authenticator, 1Password, Bitwarden, Aegis, FreeOTP
WebAuthn/FIDO2 — Hardware keys (YubiKey), Touch ID, Face ID, Windows Hello
Backup codes — 10 one-time-use codes, hashed with bcrypt

Multi-device support
• Multiple devices per user (e.g., phone + YubiKey)
• Full management: add, rename, delete from the interface
• In case of loss, use another device or a backup code

Enterprise-grade security
• AES-256-CBC encryption of TOTP secrets in the database
• Anti brute-force: lockout after 5 attempts within 15 minutes per IP
• Anti-replay: a TOTP code can only be used once
• Full audit log (IP, result, method, device)
• CSRF protection on all forms
• Security HTTP headers (X-Frame-Options, CSP, no-store)

Smart enrollment
• 2FA setup automatically предложed at first login
• Mandatory or optional mode (MOD2FA_MANDATORY constant)
• QR code generated locally (no external calls)
• Force re-enrollment per user from admin panel

Full administration
• Dashboard: 24h statistics, adoption rate, blocked attempts
• User list with 2FA status, devices, last login
• Individual 2FA reset, force re-enrollment, regenerate backup codes
• Filterable audit log
• Old logs cleanup
• Secrets re-encryption (maintenance)

Polished interface
• Standalone pages with clean design, independent from Dolibarr theme
• Works on all themes without contrast issues
• Responsive and accessible

INSTALLATION

  1. Unzip mod2fa-6.0.0.zip into htdocs/custom/
  2. Go to: Setup > Modules/Applications > Others
  3. Enable Mod2fa
  4. Database tables are created automatically
  5. Users will be guided at their next login

REQUIREMENTS


• Dolibarr 14.0 or higher
• PHP 7.4 or higher (compatible with 8.0 — 8.4)
• MySQL 5.7+ / MariaDB 10.3+
• OpenSSL required
• HTTPS required only for WebAuthn




If you think this module is a fork of another one (published after the first one) or violates some terms or conditions of use (for users or vendors), you can make a report at dolistore@dolibarr.org