Promotions

  • Notifications avancées

    Le module Notifications avancées est conçu pour améliorer l'efficacité de votre entreprise en vous tenant informé des événements depuis votre interface dolibarr.

    125,00 €  (300€)
  • Produit Rapide - CODE 42

    Permet de créer des produits ou des services directement dans l'interface des Propositions commerciales, des commandes clients et des factures.

    15,00 €  (30€)

Nouveaux produits

  • Module Chantier — Visites, PV et convocations

    Gestion professionnelle des visites de chantier pour Dolibarr — PV, participants, observations, convocations et rapports PDF avec traçabilité complète.

    149,00 €
  • EM Payment

    Paiements simplifiés pour Dolibarr : QR Code EPC SEPA sur vos factures (conforme EPC069-12, OGM belge, RF ISO 11649) et rapprochement bancaire automatique via CODA/Codabox. Matching intelligent multi-stratégies, enregistrement automatique des paiements, réconciliation bancaire native Dolibarr, support factures clients et fournisseurs.

    200,00 €

Two-Factor Authentication Pro v6.0 — Multi-device, TOTP, WebAuthn/FIDO2, Backup codes

mp24503d20260401013009

Nouveau

The most complete two-factor authentication for Dolibarr. TOTP (Google Authenticator, Authy...), WebAuthn/FIDO2 (YubiKey, Touch ID, Windows Hello), backup codes, multi-device, AES-256 encryption, brute-force protection.

89,00 €
HT

Previous Next
  • Auteur Theo Pequignot
  • Version du module 6.0.0
  • Date de sortie 01/04/2026
  • Accès aux mises à jour et aux téléchargements 2 ans
  • Comment contacter l'assistance contact@theopequignot.fr
  • Compatibilité Dolibarr V14 - V22   -   PHP7.4 - 8.4
  • Dernière mise à jour 05/04/2026 16:37

Plus d'infos...

WHY THIS MODULE?

Two-factor authentication (2FA) has become essential to secure access to your ERP. A simple password is no longer enough. This module adds a robust layer of security to every Dolibarr login.

KEY FEATURES

Multi-method authentication
TOTP — 6-digit time-based codes (30s), compatible with Google Authenticator, Authy, Microsoft Authenticator, 1Password, Bitwarden, Aegis, FreeOTP
WebAuthn/FIDO2 — Hardware keys (YubiKey), Touch ID, Face ID, Windows Hello
Backup codes — 10 one-time-use codes, hashed with bcrypt

Multi-device support
• Multiple devices per user (e.g., phone + YubiKey)
• Full management: add, rename, delete from the interface
• In case of loss, use another device or a backup code

Enterprise-grade security
• AES-256-CBC encryption of TOTP secrets in the database
• Anti brute-force: lockout after 5 attempts within 15 minutes per IP
• Anti-replay: a TOTP code can only be used once
• Full audit log (IP, result, method, device)
• CSRF protection on all forms
• Security HTTP headers (X-Frame-Options, CSP, no-store)

Smart enrollment
• 2FA setup automatically предложed at first login
• Mandatory or optional mode (MOD2FA_MANDATORY constant)
• QR code generated locally (no external calls)
• Force re-enrollment per user from admin panel

Full administration
• Dashboard: 24h statistics, adoption rate, blocked attempts
• User list with 2FA status, devices, last login
• Individual 2FA reset, force re-enrollment, regenerate backup codes
• Filterable audit log
• Old logs cleanup
• Secrets re-encryption (maintenance)

Polished interface
• Standalone pages with clean design, independent from Dolibarr theme
• Works on all themes without contrast issues
• Responsive and accessible

INSTALLATION

  1. Unzip mod2fa-6.0.0.zip into htdocs/custom/
  2. Go to: Setup > Modules/Applications > Others
  3. Enable Mod2fa
  4. Database tables are created automatically
  5. Users will be guided at their next login

REQUIREMENTS


• Dolibarr 14.0 or higher
• PHP 7.4 or higher (compatible with 8.0 — 8.4)
• MySQL 5.7+ / MariaDB 10.3+
• OpenSSL required
• HTTPS required only for WebAuthn




If you think this module is a fork of another one (published after the first one) or violates some terms or conditions of use (for users or vendors), you can make a report at dolistore@dolibarr.org