Two-step Authentication for IPB

[Milad IPBPlug.in]

File Name: Two-step Authentication for IPB

File Submitter: Milad IPBPlug.in

File Submitted: 12 Dec 2013

File Category: Security

Supported Versions: IP.Board 3.4.x

I'm happy to announce the immediate availability of the Two-step Authentication for IPB on ipbplug.in and IPS Marketplace.

Two-step authentication adds an extra layer of protection to your account. Whenever you sign in to your website, you will need to enter both your password and also a six-digit one-time security code generated by Google Authenticator on your mobile, or by other similar mobile applications.

We took the time to prepare a video that explains everything about the app:

Feel free to create an account at https://ipbplug.in and try to use this new app.

Compatibility:

The app has been designed and tested for IPB 3.4.6. It's not tested for older versions, but it could be compatible though, especially for IPB 3.4.x

It works with the following Authenticators:

• Google Authenticator
• Duo Mobile
• Amazon AWS MFA
• Authenticator
  

Pricing:
The initial price is $17.5 for 6 months. The subscription can be renewed for $6 for another 6 months if and when you feel that you need to install the future updates and upgrades.

Credits:
We are using PHPGangstas GoogleAuthenticator which is Licensed under the BSD License.

Custom work:
Do you need custom work for your IP.Board? please feel free to contact me.

here to download this file

[Ocean West]

I understand the 2 step for initial authentication - but to have to provide that EVERY time seems excessive?

I have Google Authenticator for many google products and only have to enter it once per device / site / service, and from google can divorce permission to said site/service thru googles admin pages.

Can this provide same experience to IPB?

[Milad IPBPlug.in]

Of course, it's possible and I'm considering it. Be right back.

[Milad IPBPlug.in]

Hello

I've uploaded a new version with "Trust this computer for 30 days" feature.



Please let me know about your other suggestions.

Regards

[Aussie Cable]

Great app! I love it however, will this be available for IPB 4.x and beyond?

[Milad IPBPlug.in]

Hello

Probably, it won't work on IPB 4.0 because that version uses different framework. Anyway, a new version will be released for IPB 4.0 when it's out.

Now, we are working on a totally new generation of IPB twitterer too.

Regards

[kimball73]

Hello,

Thanks for creating a two-step verification addition for IPB.

I did find what seems a slight issue when scanning the barcode (Google Authenticator). Scanning did not work correctly. I would receive an error message stating the key was invalid. This was same if generated code was manually entered. The issue seems to be with the description. If the description contains a space, the code would report an invalid code. This occurred on a IOS device.

I figured it out. If there is a space in the Name of the Site (i.e. My Blog) then it fails but if you type without space (i.e. MyBlog) then the code goes through.

Reference URL:

http://wordpress.org/support/topic/plugin-google-authenticator-scanning-barcode-doesnt-work

I was able to manually enter a name without a space and the generated code to successfully enable the two-step verification. While it is working, the space issue in the description preventing successful scanning is a limitation which will not allow for me to make this available for our board customers.

2nd Issue:

Accessing the Two-Step Authentication for IPB from the ACP tools menu does not appear to function correctly (at least not for my installation). The link in the ACP seems to be pointing to a URL which ends with "&app=twostepauth" but instead redirects to a members listing with an error message.

Just thought I'd share the findings I have so far. I appreciate the app and look forward the correction to the scanning for IOS devices so I can roll this feature to our customers.

Regards,

[Milad IPBPlug.in]

Thank you very much. I'll issue an upgrade over the weekend.

Regards

[Aussie Cable]

Hello

Probably, it won't work on IPB 4.0 because that version uses different framework. Anyway, a new version will be released for IPB 4.0 when it's out.

Now, we are working on a totally new generation of IPB twitterer too.

Regards

Awesome, I will buy this when my dev community is complete.

[Milad IPBPlug.in]

Hello,

Thanks for creating a two-step verification addition for IPB.

I did find what seems a slight issue when scanning the barcode (Google Authenticator). Scanning did not work correctly. I would receive an error message stating the key was invalid. This was same if generated code was manually entered. The issue seems to be with the description. If the description contains a space, the code would report an invalid code. This occurred on a IOS device.

Reference URL:

http://wordpress.org/support/topic/plugin-google-authenticator-scanning-barcode-doesnt-work

I was able to manually enter a name without a space and the generated code to successfully enable the two-step verification. While it is working, the space issue in the description preventing successful scanning is a limitation which will not allow for me to make this available for our board customers.

2nd Issue:

Accessing the Two-Step Authentication for IPB from the ACP tools menu does not appear to function correctly (at least not for my installation). The link in the ACP seems to be pointing to a URL which ends with "&app=twostepauth" but instead redirects to a members listing with an error message.

ACP Error for Two-Step Verification.png

Just thought I'd share the findings I have so far. I appreciate the app and look forward the correction to the scanning for IOS devices so I can roll this feature to our customers.

Regards,

Hello

I have uploaded a new version that fixed the space issue for iOS.

For the second issue, it's not a bug. The app has nothing to show in the Admin CP. The only function there is the ability to remove GA setup for a member by using a new link in the actions menu (the one you see when you edit a member).

Please let me know if you face further issues.

Regards

[kimball73]

Hello

I have uploaded a new version that fixed the space issue for iOS.

For the second issue, it's not a bug. The app has nothing to show in the Admin CP. The only function there is the ability to remove GA setup for a member by using a new link in the actions menu (the one you see when you edit a member).

Please let me know if you face further issues.

Regards

Downloaded and installed the update.

Thank you for the quick update!

[Amged Osman]

Amazing Idea, well done.

[Cabola]

Really interesting app!

[ZakRhyno]

Will this be upgraded with IPS 4.0?

[Milad IPBPlug.in]

Will this be upgraded with IPS 4.0?

That's our plan. But IPS 4.0 hasn't been released yet.

[Milad IPBPlug.in]

Hello

Huge discount! 65% Off the >Two-step Authentication for IPB add-on!

From now until Feb 28th 2014 23:59:59 GMT, this product will be discounted at a very low price tag, which is $6.00!

Grab the product today, you would never ever see such a good offer.

Regrads

[Aussie Cable]

Awesome, I shall grab this deal on Monday

[Pete T]

Great app very good installed and using :)

[Milad IPBPlug.in]

Hello

Huge discount! 65% Off the >Two-step Authentication for IPB add-on!

From now until Feb 28th 2014 23:59:59 GMT, this product will be discounted at a very low price tag, which is $6.00!

Grab the product today, you would never ever see such a good offer.

Regrads

Last 2:50

[catbreadbat]

Looks like the Two-Step Authentication doesn't work on mobile:

[Aussie Cable]

Hi Milad

After losing data on my own mobile phone over the weekend, I had to re-install and reconfigure two step auth.

Luckily I did not have to put in a code on my ACP, or i'd be stuffed right now.

I suggest that you have a way to retrieve or disable two step auth, that involves SMS a code to a number (or numbers) in the case of this scenario. I understand that you could disable two step auth via twostepauth_enabled in the members SQL table, but some people are not efficient enough to consider (or even attempt) this.

Your thoughts?

[Milad IPBPlug.in]

Looks like the Two-Step Authentication doesn't work on mobile:
Screenshot (18).png

I'll check this in the next release.

[Milad IPBPlug.in]

Hi Milad

After losing data on my own mobile phone over the weekend, I had to re-install and reconfigure two step auth.

Luckily I did not have to put in a code on my ACP, or i'd be stuffed right now.

I suggest that you have a way to retrieve or disable two step auth, that involves SMS a code to a number (or numbers) in the case of this scenario. I understand that you could disable two step auth via twostepauth_enabled in the members SQL table, but some people are not efficient enough to consider (or even attempt) this.

Your thoughts?

I think the best option here is to add a tools.php file, where you can disabled 2SA for certain users.

[Wayne B]

I think the best option here is to add a tools.php file, where you can disabled 2SA for certain users.

I'll check this in the next release.

Hi

Can you confirm if these two issues were resolved please and secondly can you confirm if this can be set to allow the following;

Make Two Factor Authentication for certain groups to use it and not others
Enforce use of two factor authentication for certain groups (ie admin and moderators)

[Milad IPBPlug.in]

Hello

I take your input as suggestions, which I highly value and appreciate. But for now, the main goal is to get these apps upgraded and ready for IPS 4.0

Regards