Enhance security for your Moodle site with A2FA plugin.

Enhancing security is a major concern for all site administrators because of the increased attacks by hackers and security breaches. Google has developed an authentication service “Google Authenticator” which connects the user login details to his/her mobile. It is also known as “2-step authentication”.

Thanks to Sam Battat that same Google Authenticator app can be used on your moodle site to increase security.

Quick Steps to configure the A2FA for your moodle site are:

  • Inform all your users to set up the Authenticator app before you turn on the A2FA for them.
  • You need to install 2 plugins on your Moodle site, first – A2FA, and second – A2FA QR code input
  • To install these plugins use moodle plugin installation interface to upload a2fa.zip and follow installation steps (use Authentication method as plugin type).
  • Then install the afaqr plugin by uploading the afaqr.zip using the plugin installation interface (Choose profile field as a plugin type)
  • Once these plugins are installed, go to Site Administration > Users > Accounts > User profile fields
  • Add an a2fa QR code input with the shortname a2fasecret (This name is being used in the code and has to match for the system to work)
  • Make this field Visible to user
  • Now go to Site Administration > Plugins > Authentication > Manage authentication and enable A2FA
  • Once the authentication method is enable go to the user that you want to force using this auth method and edit their authentication method.
  • Please make a note that the default login page for this plugin is: http://yourmoodlesite.com/auth/a2fa/login.php

 

Detailed Steps to configure the A2FA for your site are as follows:

  • Prerequisites:
  • Procedure (to be followed for your moodle site):
    • Install a2fa plugin in yourmoodlesite/auth dirrectory.
    • Install a2fa QR code input plugin in yourmoodlesite/user/profile/field directory.
    • Go to site administration > users > accounts > user profile fields and add a a2fqr field type.
      Add QR code input profile field
      Add QR code input profile field
    • Under visibility settings change to only visible to user and save the profile field.
    • Then go to administration > plugins > auth and enable a2fa by clicking on the closed eye icon.
      Enable the A2FA authentication method
      Enable the A2FA authentication method
    • Once enabled go to the list of users and click on the edit icon besides the user for whom you would like to enable a2fa authentication.
    • On the edit user page under chose an authentication method change the authentication method to A2fa method.
      Choose the authentication method
      Choose the authentication method
    • Under Other fields section click on generate new secret under a2fa  qr code field. Copy the secret and click update profile.
      Generate new secret key for the user
      Generate new secret key for the user
  • Procedure to be followed on user end:
    • Inform your user about the setup of a2fa authentication for them and share the QR Secret with them.
    • The login URL will change for those users to yourmoodlesite/auth/a2fa/login.php and they will not be able to login through normal login page.services
    • In the google authenticator app visit the setup account page and click enter provided key.
      Enter security key
      Enter security key
    • Enter the shared key and name for the service.
      Enter the key
      Enter the key
    • Then visit the url to login into the site and enter username password along with your verification code from the google authenticator app.

 

 

Jaswinder Singh

Jaswinder Singh, passionate about using Moodle in improving the Indian Education System and reaching the students in far flung areas where still education seems to be a impossible prospect of life. He is the author of the popular Moodle Book "How to use Moodle 2.7". In October 2016, Jaswinder was elected as the Moodle User's Association Committee member - the first to make it from India.

Related Articles