Skip to Content
Version 1.13 by Agnease on 2026/05/22 03:37
Hide last authors
Agnease 1.2 1 {{velocity}}
2 #set ($discard = $xwiki.ssx.use('PublicWebSite.WebHome'))
3 #set ($discard = $xwiki.ssx.use('products.WebHome'))
4 {{html clean="false"}}
5
6 <section class="hero hero-centered product-hero" aria-labelledby="product-title">
7 <div class="container hero-inner">
Agnease 1.7 8 <div class="hero-kicker">
Agnease 1.2 9 <i class="fa fa-lock" aria-hidden="true"></i>
10 XWiki security extension
11 </div>
12
13 <h1 id="product-title">XWiki Two-Factor Authentication</h1>
14
15 <p class="lead">
16 Add a second verification step to the standard XWiki login flow.
17 </p>
18
19 <p class="hero-support">
Agnease 1.12 20 This XWiki MFA / 2FA extension adds an additional verification step after the standard username and password login.
21 Users can verify access with authenticator app codes, email-delivered one-time codes, or a combined setup requiring both methods.
Agnease 1.2 22 </p>
23
24 <div class="hero-actions">
25 <a class="btn btn-primary" href="$xwiki.getURL('contact.WebHome')">Ask about this extension</a>
26 <a class="btn btn-secondary" href="$xwiki.getURL('products.WebHome')">View all products</a>
27 </div>
28 </div>
29 </section>
30
31 <section aria-labelledby="overview-title">
32 <div class="container">
33 <div class="product-layout">
34 <article class="product-summary-card">
35 <h2 id="overview-title">Stronger login protection for XWiki</h2>
36
37 <p>
Agnease 1.13 38 The XWiki MFA / Two-Factor Authentication extension adds additional verification after the standard
39 XWiki username and password login. It strengthens account protection without replacing the familiar
40 XWiki authentication flow.
Agnease 1.2 41 </p>
42
43 <p>
Agnease 1.13 44 The extension supports authenticator app codes using TOTP, email-delivered one-time verification codes,
45 and stricter configurations where both verification methods are required. This allows organizations to
46 choose between a simpler 2FA setup or a stronger multi-step MFA policy.
Agnease 1.2 47 </p>
48
49 <p>
Agnease 1.13 50 Trusted clients can also be remembered for a configured period. In practice, this means that a known
51 browser or device can avoid repeated MFA prompts, while new or untrusted clients still require the
52 configured verification steps.
Agnease 1.2 53 </p>
54 </article>
55
56 <aside class="product-info-card" aria-labelledby="quick-facts-title">
57 <h3 id="quick-facts-title">Quick facts</h3>
58 <ul>
59 <li>Works with the standard XWiki login flow</li>
Agnease 1.10 60 <li>Supports authenticator app verification codes</li>
61 <li>Supports email-delivered verification codes</li>
62 <li>Can remember trusted clients beyond the current session</li>
Agnease 1.2 63 <li>Configuration available from wiki administration</li>
64 <li>User setup available during login or from the user profile</li>
65 <li>Administrators can enable, disable or reset MFA for users</li>
66 <li>Can be used on the main wiki and subwikis</li>
67 </ul>
68 </aside>
69 </div>
70 </div>
71 </section>
72
73 <section aria-labelledby="features-title">
74 <div class="container">
75 <h2 id="features-title">Main capabilities</h2>
76 <p class="section-intro">
77 The extension focuses on adding a practical second authentication step while keeping the standard XWiki login
78 process and administration experience understandable.
79 </p>
80
81 <div class="product-feature-grid">
82 <article class="product-feature">
83 <div class="feature-icon">
84 <i class="fa fa-key" aria-hidden="true"></i>
85 </div>
86 <h3>Second login step</h3>
87 <p>
Agnease 1.11 88 After the username and password are verified, users are asked to enter an additional verification code
89 before accessing the wiki.
Agnease 1.2 90 </p>
91 </article>
92
93 <article class="product-feature">
94 <div class="feature-icon">
Agnease 1.11 95 <i class="fa fa-mobile" aria-hidden="true"></i>
96 </div>
97 <h3>Authenticator app codes</h3>
98 <p>
99 Users can verify access with codes generated by authenticator applications, such as mobile TOTP apps.
100 </p>
101 </article>
102
103 <article class="product-feature">
104 <div class="feature-icon">
105 <i class="fa fa-envelope-o" aria-hidden="true"></i>
106 </div>
107 <h3>Email verification codes</h3>
108 <p>
109 Users can also receive a verification code by email, useful when an authenticator app is not available.
110 </p>
111 </article>
112
113 <article class="product-feature">
114 <div class="feature-icon">
Agnease 1.2 115 <i class="fa fa-qrcode" aria-hidden="true"></i>
116 </div>
117 <h3>User setup screen</h3>
118 <p>
119 Users can configure their verification code setup during login or from their XWiki profile when needed.
120 </p>
121 </article>
122
123 <article class="product-feature">
124 <div class="feature-icon">
Agnease 1.11 125 <i class="fa fa-clock-o" aria-hidden="true"></i>
126 </div>
127 <h3>Remember trusted clients</h3>
128 <p>
129 Trusted browsers can be remembered beyond the current session, reducing repeated MFA prompts while keeping
130 the second factor active for new or untrusted clients.
131 </p>
132 </article>
133
134 <article class="product-feature">
135 <div class="feature-icon">
Agnease 1.2 136 <i class="fa fa-sliders" aria-hidden="true"></i>
137 </div>
138 <h3>Administration controls</h3>
139 <p>
140 Administrators can enable the feature globally, manage user-level activation, and reset a user setup when required.
141 </p>
142 </article>
143
144 <article class="product-feature">
145 <div class="feature-icon">
146 <i class="fa fa-user" aria-hidden="true"></i>
147 </div>
148 <h3>Profile integration</h3>
149 <p>
150 The extension adds user profile controls so the second-factor setup can be reviewed or reset from XWiki.
151 </p>
152 </article>
153
154 <article class="product-feature">
155 <div class="feature-icon">
156 <i class="fa fa-random" aria-hidden="true"></i>
157 </div>
158 <h3>Fallback behavior</h3>
159 <p>
160 The extension can fall back to standard XWiki authentication when the feature is not enabled or not configured.
161 </p>
162 </article>
163
164 <article class="product-feature">
165 <div class="feature-icon">
166 <i class="fa fa-sitemap" aria-hidden="true"></i>
167 </div>
168 <h3>Main wiki and subwikis</h3>
169 <p>
170 The extension is designed to support XWiki environments using the main wiki and subwikis.
171 </p>
172 </article>
173 </div>
174 </div>
175 </section>
176
177 <section aria-labelledby="use-cases-title">
178 <div class="container">
179 <div class="product-layout">
180 <article class="product-summary-card">
181 <h2 id="use-cases-title">When this extension is useful</h2>
182
183 <p>
184 Two-factor authentication is especially relevant when XWiki contains internal documentation, procedures,
185 customer information, project knowledge, administrative pages, or business-critical content.
186 </p>
187
188 <p>
Agnease 1.11 189 It can also support organizations that need MFA as part of their cybersecurity controls, including companies
190 working toward NIS 2 readiness. NIS 2 focuses on stronger cybersecurity risk management across essential and
191 important entities in the EU, and MFA is often expected as part of enterprise access protection programs.
192 </p>
193
194 <p>
Agnease 1.2 195 It is also useful when many users access the wiki remotely, when administrator accounts need stronger protection,
196 or when the organization wants to reduce the risk of compromised passwords.
197 </p>
198 </article>
199
200 <aside class="product-info-card" aria-labelledby="good-fit-title">
201 <h3 id="good-fit-title">Good fit for</h3>
202 <ul>
203 <li>Private XWiki knowledge bases</li>
204 <li>Company intranets</li>
205 <li>SOP and controlled-document platforms</li>
206 <li>Documentation portals with sensitive content</li>
207 <li>Wikis with several administrators or remote users</li>
208 </ul>
209 </aside>
210 </div>
211 </div>
212 </section>
213
Agnease 1.11 214 <section class="product-section-muted" aria-labelledby="compliance-title">
215 <div class="container">
216 <div class="product-layout">
217 <article class="product-summary-card">
218 <h2 id="compliance-title">Useful for MFA adoption and NIS 2 readiness</h2>
219
220 <p>
221 Many organizations now need multi-factor authentication for enterprise software, especially when the
222 platform contains internal documentation, procedures, operational knowledge or sensitive business data.
223 </p>
224
225 <p>
226 For organizations using XWiki as a knowledge platform, having MFA embedded in the standard XWiki login
227 experience helps close a practical security gap without requiring a full replacement of the authentication flow.
228 </p>
229
230 <p>
231 This can be relevant for companies preparing for NIS 2 requirements, where MFA is part of a broader
232 cybersecurity risk management and access protection strategy.
233 </p>
234 </article>
235
236 <aside class="product-info-card" aria-labelledby="mfa-readiness-title">
237 <h3 id="mfa-readiness-title">Security controls supported</h3>
238 <ul>
239 <li>Second-factor verification after password login</li>
240 <li>Authenticator app or email-based verification codes</li>
241 <li>Reduced repeated prompts for trusted clients</li>
242 <li>Administration controls for user-level MFA management</li>
243 <li>Better protection for administrator and remote-access accounts</li>
244 </ul>
245 </aside>
246 </div>
247 </div>
248 </section>
249
Agnease 1.6 250 #*
Agnease 1.2 251 <section aria-labelledby="gallery-title">
252 <div class="container">
253 <div class="product-gallery-panel">
254 <h2 id="gallery-title">Screenshots</h2>
255 <p class="gallery-note">
256 Use this area to show the login verification screen, first-time setup, user profile controls,
257 and administration configuration.
258 </p>
259
260 <div class="product-gallery-placeholder">
261 Replace this placeholder with the XWiki gallery macro and 3-5 screenshots from the application.
262 </div>
263 </div>
264 </div>
265 </section>
Agnease 1.6 266 *#
Agnease 1.2 267 <section class="cta-section" aria-labelledby="cta-title">
268 <div class="container">
269 <div class="cta-panel">
270 <h2 id="cta-title">Interested in using this extension?</h2>
271 <p>
272 Send a short message with your XWiki version, authentication setup, and whether you use a single wiki
273 or a main wiki with subwikis.
274 </p>
275 <a class="btn btn-primary" href="$xwiki.getURL('contact.WebHome')">Contact Agnease</a>
276 </div>
277 </div>
278 </section>
279
280 {{/html}}
281 {{/velocity}}