|Table of Contents|
OTP Email MFA is a Multi-factor authentication plugin that sends a one-time password to a user's email providing an additional layer of security.
Multi-Factor Authentication (MFA) is a security best practice that adds an extra layer of protection on top of a username and password combination. By requiring an additional authentication code from a trusted device, MFA safeguards access to a user’s account even if the password is compromised.
Steps to Import this Plugin
1. Go to the website https://github.com/jogetoss/otp-email-mfa.
Steps to Use this Plugin
Steps for Administrators
1. Start the Joget server and open the App Center.
5. Once the OTP Email MFA Authenticator has been enabled, users will be able to enable MFA individually in their User profile.
Steps for Users
1. Users can activate OTP Email MFA Authenticator in their respective user profiles by clicking the "Activate" button. (See Figure 5)
5. On subsequent logins, the users will be prompted for an OTP password which will always be sent to the user's email.
Deactivating Multi-Factor Authentication
1. As a user, you can disable OTP Email MFA Authenticator by clicking on the Deactivate button in your user profile. (See Figure 7)
2. Administrators can also disable MFA for a specific user by selecting the Setup Users under Users in the admin bar and clicking on the Deactivate MFA button. (See Figure 8)
One-time Password Email MFA Authenticator Properties
Configure One-time Password Email MFA Authenticator
|Validity Period (minute)||Expiration time for the One Time Password (OTP) sent to the user's email registered in the profile to remain valid in minutes. The default value is 5 minutes.|
|Subject||The subject of the email with the OTP.|
|Message||The message to be displayed in the email.|