Skip to Content
Last modified by Agnease on 2026/05/23 18:56
From version 1.9
edited by Agnease
on 2026/05/22 03:22
Change comment: There is no comment for this version
To version 1.12
edited by Agnease
on 2026/05/22 03:35
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -17,8 +17,8 @@
17 17   </p>
18 18  
19 19   <p class="hero-support">
20 - This extension protects XWiki accounts with an additional verification step after the standard username and password login.
21 - Users can verify access with an authenticator app code or an email-delivered code, while XWiki keeps its familiar login experience.
20 + This XWiki MFA / 2FA extension adds an additional verification step after the standard username and password login.
21 + Users can verify access with authenticator app codes, email-delivered one-time codes, or a combined setup requiring both methods.
22 22   </p>
23 23  
24 24   <div class="hero-actions">
... ... @@ -56,7 +56,9 @@
56 56   <h3 id="quick-facts-title">Quick facts</h3>
57 57   <ul>
58 58   <li>Works with the standard XWiki login flow</li>
59 - <li>Adds a second TOTP verification step</li>
59 + <li>Supports authenticator app verification codes</li>
60 + <li>Supports email-delivered verification codes</li>
61 + <li>Can remember trusted clients beyond the current session</li>
60 60   <li>Configuration available from wiki administration</li>
61 61   <li>User setup available during login or from the user profile</li>
62 62   <li>Administrators can enable, disable or reset MFA for users</li>
... ... @@ -82,12 +82,33 @@
82 82   </div>
83 83   <h3>Second login step</h3>
84 84   <p>
85 - After the username and password are verified, users are asked to enter a time-based verification code.
87 + After the username and password are verified, users are asked to enter an additional verification code
88 + before accessing the wiki.
86 86   </p>
87 87   </article>
88 88  
89 89   <article class="product-feature">
90 90   <div class="feature-icon">
94 + <i class="fa fa-mobile" aria-hidden="true"></i>
95 + </div>
96 + <h3>Authenticator app codes</h3>
97 + <p>
98 + Users can verify access with codes generated by authenticator applications, such as mobile TOTP apps.
99 + </p>
100 + </article>
101 +
102 + <article class="product-feature">
103 + <div class="feature-icon">
104 + <i class="fa fa-envelope-o" aria-hidden="true"></i>
105 + </div>
106 + <h3>Email verification codes</h3>
107 + <p>
108 + Users can also receive a verification code by email, useful when an authenticator app is not available.
109 + </p>
110 + </article>
111 +
112 + <article class="product-feature">
113 + <div class="feature-icon">
91 91   <i class="fa fa-qrcode" aria-hidden="true"></i>
92 92   </div>
93 93   <h3>User setup screen</h3>
... ... @@ -98,6 +98,17 @@
98 98  
99 99   <article class="product-feature">
100 100   <div class="feature-icon">
124 + <i class="fa fa-clock-o" aria-hidden="true"></i>
125 + </div>
126 + <h3>Remember trusted clients</h3>
127 + <p>
128 + Trusted browsers can be remembered beyond the current session, reducing repeated MFA prompts while keeping
129 + the second factor active for new or untrusted clients.
130 + </p>
131 + </article>
132 +
133 + <article class="product-feature">
134 + <div class="feature-icon">
101 101   <i class="fa fa-sliders" aria-hidden="true"></i>
102 102   </div>
103 103   <h3>Administration controls</h3>
... ... @@ -151,6 +151,12 @@
151 151   </p>
152 152  
153 153   <p>
188 + It can also support organizations that need MFA as part of their cybersecurity controls, including companies
189 + working toward NIS 2 readiness. NIS 2 focuses on stronger cybersecurity risk management across essential and
190 + important entities in the EU, and MFA is often expected as part of enterprise access protection programs.
191 + </p>
192 +
193 + <p>
154 154   It is also useful when many users access the wiki remotely, when administrator accounts need stronger protection,
155 155   or when the organization wants to reduce the risk of compromised passwords.
156 156   </p>
... ... @@ -170,6 +170,42 @@
170 170   </div>
171 171  </section>
172 172  
213 +<section class="product-section-muted" aria-labelledby="compliance-title">
214 + <div class="container">
215 + <div class="product-layout">
216 + <article class="product-summary-card">
217 + <h2 id="compliance-title">Useful for MFA adoption and NIS 2 readiness</h2>
218 +
219 + <p>
220 + Many organizations now need multi-factor authentication for enterprise software, especially when the
221 + platform contains internal documentation, procedures, operational knowledge or sensitive business data.
222 + </p>
223 +
224 + <p>
225 + For organizations using XWiki as a knowledge platform, having MFA embedded in the standard XWiki login
226 + experience helps close a practical security gap without requiring a full replacement of the authentication flow.
227 + </p>
228 +
229 + <p>
230 + This can be relevant for companies preparing for NIS 2 requirements, where MFA is part of a broader
231 + cybersecurity risk management and access protection strategy.
232 + </p>
233 + </article>
234 +
235 + <aside class="product-info-card" aria-labelledby="mfa-readiness-title">
236 + <h3 id="mfa-readiness-title">Security controls supported</h3>
237 + <ul>
238 + <li>Second-factor verification after password login</li>
239 + <li>Authenticator app or email-based verification codes</li>
240 + <li>Reduced repeated prompts for trusted clients</li>
241 + <li>Administration controls for user-level MFA management</li>
242 + <li>Better protection for administrator and remote-access accounts</li>
243 + </ul>
244 + </aside>
245 + </div>
246 + </div>
247 +</section>
248 +
173 173  #*
174 174  <section aria-labelledby="gallery-title">
175 175   <div class="container">