Promociones

  • INTERVENCIÓN PLUS: Gestión Completa de Intervenciones

    El módulo “Intervención Plus” es una herramienta revolucionaria que simplifica y optimiza la gestión de las intervenciones, desde la planificación hasta la facturación. Diseñado para equipos técnicos y comerciales, ofrece un conjunto completo de funciones para garantizar un seguimiento transparente y eficiente de cada intervención.

    250,00 €  (500€)
  • Advanced HRM : Advanced human resources management

    This module brings a layer of ergonomics and features missing in the standard Dolibarr human resources management module, such as the facility to create absence requests from the employee schedule, the addition of automatic VAT rates, the integration of the km scale on the tranche 1 and of google maps.

    145,00 €  (290€)

Nuevos productos

Two-Factor Authentication Pro v6.0 — Multi-device, TOTP, WebAuthn/FIDO2, Backup codes

mp24503d20260401013009

The most complete two-factor authentication for Dolibarr. TOTP (Google Authenticator, Authy...), WebAuthn/FIDO2 (YubiKey, Touch ID, Windows Hello), backup codes, multi-device, AES-256 encryption, brute-force protection.

89,00 €
Sin IVA

Previous Next
  • Autor Theo Pequignot
  • Versión del módulo 6.0.0
  • Fecha de lanzamiento 01/04/2026
  • Acceso a actualizaciones y descargas 2 años
  • Cómo contactar al soporte contact@theopequignot.fr
  • Compatibilidad Dolibarr V14+   -   PHP7.4 - 8.4
  • Última actualización 08/06/2026 11:01

Más información...

WHY THIS MODULE?

Two-factor authentication (2FA) has become essential to secure access to your ERP. A simple password is no longer enough. This module adds a robust layer of security to every Dolibarr login.

KEY FEATURES

Multi-method authentication
TOTP — 6-digit time-based codes (30s), compatible with Google Authenticator, Authy, Microsoft Authenticator, 1Password, Bitwarden, Aegis, FreeOTP
WebAuthn/FIDO2 — Hardware keys (YubiKey), Touch ID, Face ID, Windows Hello
Backup codes — 10 one-time-use codes, hashed with bcrypt

Multi-device support
• Multiple devices per user (e.g., phone + YubiKey)
• Full management: add, rename, delete from the interface
• In case of loss, use another device or a backup code

Enterprise-grade security
• AES-256-CBC encryption of TOTP secrets in the database
• Anti brute-force: lockout after 5 attempts within 15 minutes per IP
• Anti-replay: a TOTP code can only be used once
• Full audit log (IP, result, method, device)
• CSRF protection on all forms
• Security HTTP headers (X-Frame-Options, CSP, no-store)

Smart enrollment
• 2FA setup automatically предложed at first login
• Mandatory or optional mode (MOD2FA_MANDATORY constant)
• QR code generated locally (no external calls)
• Force re-enrollment per user from admin panel

Full administration
• Dashboard: 24h statistics, adoption rate, blocked attempts
• User list with 2FA status, devices, last login
• Individual 2FA reset, force re-enrollment, regenerate backup codes
• Filterable audit log
• Old logs cleanup
• Secrets re-encryption (maintenance)

Polished interface
• Standalone pages with clean design, independent from Dolibarr theme
• Works on all themes without contrast issues
• Responsive and accessible

INSTALLATION

  1. Unzip mod2fa-6.0.0.zip into htdocs/custom/
  2. Go to: Setup > Modules/Applications > Others
  3. Enable Mod2fa
  4. Database tables are created automatically
  5. Users will be guided at their next login

REQUIREMENTS


• Dolibarr 14.0 or higher
• PHP 7.4 or higher (compatible with 8.0 — 8.4)
• MySQL 5.7+ / MariaDB 10.3+
• OpenSSL required
• HTTPS required only for WebAuthn




If you think this module is a fork of another one (published after the first one) or violates some terms or conditions of use (for users or vendors), you can make a report at dolistore@dolibarr.org