E-Mail as Second Factor

This plugin adds the user's e-mail account as a second authentication factor.

After logging in through another authentication module, a one-time code will be generated by the portal and sent to the user's e-mail address. The user will be prompted for this code in order to finish the login process.

Before configuring this module, make sure the user's email address is correctly fetched from your UserDB plugin and appears in the session browser. If you want to store the user e-mail in a different session field than mail, go to "General Parameters » Advanced parameters » SMTP" and set the "Session key containing mail address" parameter.

All parameters are configured in "General Parameters » Second factors » Mail second factor".

• Activation: Set to On to activate this module. If a user does not have an email address, they will encounter an error on login. If you want to use this plugin only for users who have an email address, use $mail (or whatever your e-mail session key is) as the activation rule.
• Code regex: The regular expression used to generate one-time codes. The default is a 6-digit code.
• Code timeout: It might take a while for users to open their e-mail account and find the code. Raise this timeout if the default (2 minutes) isn't enough.
• Mail subject: The subject of the email the user will receive. If you leave it blank, it will be looked up in translation files.
• Mail body: The plain text content of the email the user will receive. If you leave it blank, the mail_2fcode HTML template will be used. The one-time code is stored in the $code variable
• Authentication level (Optional): if you want to overwrite the value sent by your authentication module, you can define here the new authentication level. Example: 5
• Logo (Optional): logo file (in static/<skin> directory)
• Label (Optional): label that should be displayed to the user on the choice screen