Enhance security of your classifieds and provide two-factor authentication option to your customers. Security should always be priority #1, this plugin place another layer to login process and customers must confirm their identity using mobile phone.
Authentication using 2FA application
When user tries to login into its account and 2-factor authentication is enabled in its profile, login process is stopped before completion and user must enter verification code from their authentication application in mobile phone.
Setup of additional authentication method is very simple and user have to scan QR code into their authentication application.
There are many different 2FA authentication applications those can be used, i.e. Google Authenticator or 2FA Authenticator.
Configuration parameters
Plugin comes with various configuration options those allows to setup your authentication level in way you need it, so it is not too strict but also not too weak.
2FA authentication required
Select if setup of two-factor authentication is optional or required. If required option is selected, each time user login into its account, is redirected to 2FA setup page.
Forcing user to use 2-factor authentication is not too strict to ensure they have still ability to decide if they want to enhance their security or no.
Tolerance of Expired Codes
It often happen that when you are entering verification code, meanwhile it expired and verification fails. Plugin offers option to tolerate also expired codes. Tolerance parameter basically means how many older codes are accepted.
This can help also in case your server time is not synchronized and actually plugin then generates codes older than they really should be .as it use wrong time slice (old).
Threshold days
Define how often your customers must use their application to login into account. If this value is set to zero, it means two-factor authentication is used each time they login.
If this value is defined i.e. to 7 days, they must authenticate using 2FA application once per 7 day.
It is recommended to not force users to each time use 2FA verification as it is not user friendly and brings worse user experience - for price of increased security.
Other parameters
Application name - define name of your application/website, this name is used in authentication application in customer's mobile in format: {application name} / {user email}
Successful message after login - by default, Osclass does not show flash message that customer successfully logged in, as it is redundant. But when 2FA authentication is used, it may bring better user experience to show this message.
Auto-hook configuration link - automatically add two-factor authentication configuration link into user menu in account section.
Note: make sure your server time is NTP-synced!
Note: use PHP 8.1 or higher, some customers reported issue with sync on PHP 8.0
Portuguese
Arabic (SY)
Polish
Turkish
This website uses its own and third-party cookies to improve our services and show you advertising related to your preferences by analyzing your browsing habits. To give your consent to its use, press the "Accept all" button.