Promotions

  • Advanced HRM : Advanced human resources management

    This module brings a layer of ergonomics and additional features in the standard Dolibarr human resources management module, such as the facility to create absence requests from the employee schedule, the addition of automatic VAT rates, the integration of the km scale on the tranche 1 and of google maps.

    145.00 €  (290€)
  • INTERVENTION PLUS - Complete Management of Interventions

    The “Intervention Plus” module is a revolutionary tool that simplifies and optimizes intervention management, from planning to invoicing. Designed for sales and technical teams, it offers a complete suite of features to ensure transparent and efficient monitoring of each intervention.

    250.00 €  (500€)

New products

MFA

mp20887d20260427122016

Multi-Factor Authentication module using TOTP-compatible authenticator applications such as Google Authenticator and Microsoft Authenticator.

FREE

Previous Next
  • Author CONCORDE De Conseil
  • Module version 1.1
  • Release date 04/27/2026
  • Access to download and updates Lifetime access
  • Compatibility Dolibarr V20+   -   PHP7.4 - 8.3
  • Last update 05/25/2026 10:38 PM

More info...

MFA (Multi-Factor Authentication) for Dolibarr

Overview

The MFA module by CONCORDE de Conseil introduces a robust security layer to your Dolibarr ERP & CRM. It requires users to provide a Time-Based One-Time Password (TOTP) from a mobile authenticator app after their standard password authentication.

⚠️ Critical Installation Step

To activate the module, you must update your configuration file. Edit conf/conf.php and ensure the authentication parameter includes mfa:

$dolibarr_main_authentication = 'mfa,dolibarr';

(Note: Keeping 'dolibarr' as a fallback is recommended during initial setup).

Key Features

  • Universal TOTP Support: Fully compatible with Google Authenticator, Microsoft Authenticator, Authy, FreeOTP, and other standard TOTP apps.

  • Seamless Enrollment: Instant user setup via QR code provisioning.

  • Dynamic MFA Challenges: Automatic MFA prompt during the login flow for all enabled users.

  • Self-Service User Interface: Users can easily set up, verify, and activate their own MFA from their User Card.

  • Advanced Admin Controls: * Monitor failed entry attempts with source IP logging.

    • Manual account unlock and state-reset actions for administrators.

  • Hardened Security: * Brute-Force Protection: Intelligent lockout handling after repeated invalid codes.

    • CSRF Protection: Secure state-change actions to prevent cross-site request forgery.

    • Persistent Tracking: Detailed logs of login and setup failures.

Customization

You can customize the appearance of the MFA interface by changing the gradient colors:

  1. Go to `Home > Setup > Modules/Applications`.
  2. Click the setup icon (cogwheel) next to the `MFA` module.
  3. Adjust the `Gradient start color` and `Gradient end color` as desired.
  4. Save the changes.

Technical Specifications

  • Compatibility: Seamlessly integrates with the native Dolibarr core authentication flow.

  • Architecture: 100% PHP; utilizes dedicated SQL tables for secure attempt tracking.

  • Structure: Standardized module path (htdocs/custom/mfa).

  • Languages: Fully localized in English (en_US), French (fr_FR), and Arabic (ar_SA).

Documentation

Complete documentation included:

  • Multi-lingual READMEs (EN, FR, AR).

  • Detailed ChangeLog and GPLv3 Licensing.

Credits & Legal

Copyright (C) 2026 CONCORDE de Conseil
Lead Developer: Ali WERGHEMMI

Web: https://www.concorde.tn

Support: contact@concorde.tn




If you think this module is a fork of another one (published after the first one) or violates some terms or conditions of use (for users or vendors), you can make a report at dolistore@dolibarr.org