Changes for page XWiki Two-Factor Authentication
Last modified by Agnease on 2026/05/23 18:56
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -5,7 +5,7 @@ 5 5 6 6 <section class="hero hero-centered product-hero" aria-labelledby="product-title"> 7 7 <div class="container hero-inner"> 8 - <div class=" hero-kicker">8 + <div class="product-kicker"> 9 9 <i class="fa fa-lock" aria-hidden="true"></i> 10 10 XWiki security extension 11 11 </div> ... ... @@ -17,8 +17,8 @@ 17 17 </p> 18 18 19 19 <p class="hero-support"> 20 - This XWiki MFA / 2FAextensionadds anadditionalverification stepafterthestandard username and passwordlogin.21 - Userscanverifyaccesswithauthenticatorapp codes,email-delivered one-timecodes, or a combinedsetup requiring both methods.20 + This extension protects XWiki accounts with time-based one-time verification codes while keeping the familiar 21 + XWiki username and password authentication as the first login step. 22 22 </p> 23 23 24 24 <div class="hero-actions"> ... ... 
@@ -35,21 +35,19 @@ 35 35 <h2 id="overview-title">Stronger login protection for XWiki</h2> 36 36 37 37 <p> 38 - The XWiki MFA /Two-Factor Authentication extension adds additional verification after the standard39 - XWikiusername and password login.Itstrengthensaccount protection withoutreplacingthe familiar40 - XWiki authenticationflow.38 + The XWiki Two-Factor Authentication extension adds an additional verification screen after the standard 39 + username and password login. Users confirm their identity with a time-based one-time code before accessing 40 + the wiki. 41 41 </p> 42 42 43 43 <p> 44 - The extension supports authenticator app codes using TOTP, email-delivered one-time verification codes, 45 - and stricter configurations where both verification methods are required. This allows organizations to 46 - choose between a simpler 2FA setup or a stronger multi-step MFA policy. 44 + The extension is designed for organizations that want to improve account security while keeping authentication 45 + close to the standard XWiki login experience. 47 47 </p> 48 48 49 49 <p> 50 - Trusted clients can also be remembered for a configured period. In practice, this means that a known 51 - browser or device can avoid repeated MFA prompts, while new or untrusted clients still require the 52 - configured verification steps. 49 + It can be useful for internal knowledge bases, intranets, documentation platforms, SOP systems, or other 50 + XWiki environments where access to content and administration should be better protected. 53 53 </p> 54 54 </article> 55 55 ... ... 
@@ -57,9 +57,7 @@ 57 57 <h3 id="quick-facts-title">Quick facts</h3> 58 58 <ul> 59 59 <li>Works with the standard XWiki login flow</li> 60 - <li>Supports authenticator app verification codes</li> 61 - <li>Supports email-delivered verification codes</li> 62 - <li>Can remember trusted clients beyond the current session</li> 58 + <li>Adds a second TOTP verification step</li> 63 63 <li>Configuration available from wiki administration</li> 64 64 <li>User setup available during login or from the user profile</li> 65 65 <li>Administrators can enable, disable or reset MFA for users</li> ... ... @@ -85,33 +85,12 @@ 85 85 </div> 86 86 <h3>Second login step</h3> 87 87 <p> 88 - After the username and password are verified, users are asked to enter an additional verification code 89 - before accessing the wiki. 84 + After the username and password are verified, users are asked to enter a time-based verification code. 90 90 </p> 91 91 </article> 92 92 93 93 <article class="product-feature"> 94 94 <div class="feature-icon"> 95 - <i class="fa fa-mobile" aria-hidden="true"></i> 96 - </div> 97 - <h3>Authenticator app codes</h3> 98 - <p> 99 - Users can verify access with codes generated by authenticator applications, such as mobile TOTP apps. 100 - </p> 101 - </article> 102 - 103 - <article class="product-feature"> 104 - <div class="feature-icon"> 105 - <i class="fa fa-envelope-o" aria-hidden="true"></i> 106 - </div> 107 - <h3>Email verification codes</h3> 108 - <p> 109 - Users can also receive a verification code by email, useful when an authenticator app is not available. 110 - </p> 111 - </article> 112 - 113 - <article class="product-feature"> 114 - <div class="feature-icon"> 115 115 <i class="fa fa-qrcode" aria-hidden="true"></i> 116 116 </div> 117 117 <h3>User setup screen</h3> ... ... 
@@ -122,17 +122,6 @@ 122 122 123 123 <article class="product-feature"> 124 124 <div class="feature-icon"> 125 - <i class="fa fa-clock-o" aria-hidden="true"></i> 126 - </div> 127 - <h3>Remember trusted clients</h3> 128 - <p> 129 - Trusted browsers can be remembered beyond the current session, reducing repeated MFA prompts while keeping 130 - the second factor active for new or untrusted clients. 131 - </p> 132 - </article> 133 - 134 - <article class="product-feature"> 135 - <div class="feature-icon"> 136 136 <i class="fa fa-sliders" aria-hidden="true"></i> 137 137 </div> 138 138 <h3>Administration controls</h3> ... ... @@ -186,12 +186,6 @@ 186 186 </p> 187 187 188 188 <p> 189 - It can also support organizations that need MFA as part of their cybersecurity controls, including companies 190 - working toward NIS 2 readiness. NIS 2 focuses on stronger cybersecurity risk management across essential and 191 - important entities in the EU, and MFA is often expected as part of enterprise access protection programs. 192 - </p> 193 - 194 - <p> 195 195 It is also useful when many users access the wiki remotely, when administrator accounts need stronger protection, 196 196 or when the organization wants to reduce the risk of compromised passwords. 197 197 </p> ... ... 
@@ -211,42 +211,6 @@ 211 211 </div> 212 212 </section> 213 213 214 -<section class="product-section-muted" aria-labelledby="compliance-title"> 215 - <div class="container"> 216 - <div class="product-layout"> 217 - <article class="product-summary-card"> 218 - <h2 id="compliance-title">Useful for MFA adoption and NIS 2 readiness</h2> 219 - 220 - <p> 221 - Many organizations now need multi-factor authentication for enterprise software, especially when the 222 - platform contains internal documentation, procedures, operational knowledge or sensitive business data. 223 - </p> 224 - 225 - <p> 226 - For organizations using XWiki as a knowledge platform, having MFA embedded in the standard XWiki login 227 - experience helps close a practical security gap without requiring a full replacement of the authentication flow. 228 - </p> 229 - 230 - <p> 231 - This can be relevant for companies preparing for NIS 2 requirements, where MFA is part of a broader 232 - cybersecurity risk management and access protection strategy. 233 - </p> 234 - </article> 235 - 236 - <aside class="product-info-card" aria-labelledby="mfa-readiness-title"> 237 - <h3 id="mfa-readiness-title">Security controls supported</h3> 238 - <ul> 239 - <li>Second-factor verification after password login</li> 240 - <li>Authenticator app or email-based verification codes</li> 241 - <li>Reduced repeated prompts for trusted clients</li> 242 - <li>Administration controls for user-level MFA management</li> 243 - <li>Better protection for administrator and remote-access accounts</li> 244 - </ul> 245 - </aside> 246 - </div> 247 - </div> 248 -</section> 249 - 250 250 #* 251 251 <section aria-labelledby="gallery-title"> 252 252 <div class="container">
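Review bot: In the hunk at @@ -5,7 +5,7 @@ the kicker div moves from `hero-kicker` to `product-kicker`, while every other class visible in this section keeps the hero- prefix (`hero-inner`, `hero-support`, `hero-actions`). Please confirm the stylesheet defines `product-kicker`; if it does not, the lock icon and the "XWiki security extension" label fall back to unstyled text. Dropping the stray leading space from the old class value is fine.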
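Review bot: In the hunk at @@ -57,9 +57,7 @@ the new list item "Adds a second TOTP verification step" can be read as two TOTP steps rather than TOTP as the second factor. Suggest "Adds a TOTP verification step as the second factor". The unchanged item two lines below still says "reset MFA for users" although the page is now titled and worded as Two-Factor Authentication, so pick one term and use it throughout the list.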
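Review bot: In the hunk at @@ -85,33 +85,12 @@ the "Authenticator app codes" card is deleted and the rewritten "Second login step" text only says users "enter a time-based verification code". None of the added lines in this diff now tell the reader that the code comes from an authenticator app, which is what a first-time user needs to know before enrolling. Suggest ending that sentence with "generated by their authenticator app", or keeping a shortened version of the removed card.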
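Review bot: In the hunk at @@ -122,17 +122,6 @@ the "Remember trusted clients" card is removed, and the earlier hunks remove every mention of email-delivered codes, but the Summary field of this revision shows only "-". Please record in the change summary whether the extension no longer offers these options or whether only the page wording changed. Administrators reading this page need to know whether a previously remembered browser still skips the second step and whether email remains available as a fallback.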