Wiki source code of XWiki Two-Factor Authentication
Last modified by Agnease on 2026/05/23 18:56
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
1.18 | 1 | {{velocity}} |
| 2 | #set ($discard = $xwiki.ssx.use('PublicWebSite.WebHome')) | ||
| 3 | #set ($discard = $xwiki.ssx.use('products.WebHome')) | ||
| 4 | {{html clean="false"}} | ||
| |
1.2 | 5 | |
| |
6.5 | 6 | <section class="hero hero-centered" aria-labelledby="hero-title"> |
| |
1.18 | 7 | <div class="container hero-inner"> |
| 8 | <div class="hero-kicker"> | ||
| |
1.2 | 9 | <i class="fa fa-lock" aria-hidden="true"></i> |
| |
1.18 | 10 | XWiki 2FA and MFA |
| |
1.2 | 11 | </div> |
| 12 | |||
| |
1.18 | 13 | <h1 id="product-title">XWiki Two-Factor Authentication</h1> |
| |
1.2 | 14 | |
| |
1.18 | 15 | <p class="lead"> |
| |
6.2 | 16 | Protect XWiki logins with a second verification step using authenticator app codes, |
| 17 | email verification codes, or both. | ||
| |
1.2 | 18 | </p> |
| 19 | |||
| |
1.18 | 20 | <div class="hero-actions"> |
| 21 | <a class="btn btn-primary" href="$xwiki.getURL('contact.WebHome')">Ask about this extension</a> | ||
| 22 | <a class="btn btn-secondary" href="$xwiki.getURL('products.WebHome')">View all products</a> | ||
| 23 | </div> | ||
| 24 | </div> | ||
| 25 | </section> | ||
| 26 | |||
| 27 | <section aria-labelledby="overview-title"> | ||
| 28 | <div class="container"> | ||
| 29 | <div class="product-layout"> | ||
| 30 | <article class="product-summary-card"> | ||
| 31 | <h2 id="overview-title">Two-factor authentication built into XWiki</h2> | ||
| 32 | |||
| 33 | <p> | ||
| 34 | XWiki Two-Factor Authentication adds an additional verification screen after the standard | ||
| 35 | XWiki username and password login. It improves account protection without replacing the | ||
| 36 | familiar XWiki authentication flow. | ||
| 37 | </p> | ||
| 38 | |||
| 39 | <p> | ||
| 40 | Users can verify access with TOTP codes generated by an authenticator app, with one-time | ||
| 41 | codes delivered by email, or with a combined setup requiring both methods. | ||
| 42 | </p> | ||
| 43 | |||
| 44 | <p> | ||
| 45 | Trusted browsers or devices can be remembered for a configured period, reducing repeated | ||
| 46 | verification prompts on known clients while still requiring verification from new or untrusted ones. | ||
| 47 | </p> | ||
| 48 | </article> | ||
| 49 | |||
| 50 | <aside class="product-info-card" aria-labelledby="quick-facts-title"> | ||
| 51 | <h3 id="quick-facts-title">Quick facts</h3> | ||
| 52 | <ul> | ||
| 53 | <li>Works with the standard XWiki login flow</li> | ||
| 54 | <li>Supports authenticator app codes using TOTP</li> | ||
| 55 | <li>Supports email-delivered one-time verification codes</li> | ||
| 56 | <li>Can require app code and email code together</li> | ||
| 57 | <li>Can remember trusted browsers or devices</li> | ||
| 58 | <li>Includes administration and user setup controls</li> | ||
| 59 | </ul> | ||
| 60 | </aside> | ||
| 61 | </div> | ||
| 62 | </div> | ||
| 63 | </section> | ||
| 64 | |||
| 65 | <section aria-labelledby="features-title"> | ||
| 66 | <div class="container"> | ||
| 67 | <h2 id="features-title">Main capabilities</h2> | ||
| 68 | |||
| 69 | <p class="section-intro"> | ||
| |
6.3 | 70 | A focused set of MFA/2FA features for stronger XWiki account protection without changing the standard login experience. |
| |
1.2 | 71 | </p> |
| |
1.18 | 72 | |
| 73 | <div class="product-feature-grid"> | ||
| 74 | <article class="product-feature"> | ||
| |
6.8 | 75 | <div class="card-heading"> |
| |
6.7 | 76 | <div class="feature-icon"> |
| 77 | <i class="fa fa-key" aria-hidden="true"></i> | ||
| 78 | </div> | ||
| 79 | <h3>Second verification step</h3> | ||
| |
1.18 | 80 | </div> |
| |
6.7 | 81 | |
| |
1.18 | 82 | <p> |
| |
6.3 | 83 | After username and password verification, users complete an additional step before accessing XWiki. |
| 84 | The flow can require one verification method or both app and email codes. | ||
| |
1.18 | 85 | </p> |
| 86 | </article> | ||
| 87 | |||
| 88 | <article class="product-feature"> | ||
| |
6.8 | 89 | <div class="card-heading"> |
| |
6.7 | 90 | <div class="feature-icon"> |
| 91 | <i class="fa fa-mobile" aria-hidden="true"></i> | ||
| 92 | </div> | ||
| 93 | <h3>Authenticator app codes</h3> | ||
| |
1.18 | 94 | </div> |
| |
6.7 | 95 | |
| |
1.18 | 96 | <p> |
| 97 | Users can verify access with TOTP codes generated by authenticator applications on mobile or desktop devices. | ||
| 98 | </p> | ||
| 99 | </article> | ||
| 100 | |||
| 101 | <article class="product-feature"> | ||
| |
6.9 | 102 | <div class="card-heading"> |
| |
6.7 | 103 | <div class="feature-icon"> |
| 104 | <i class="fa fa-envelope-o" aria-hidden="true"></i> | ||
| 105 | </div> | ||
| 106 | <h3>Email verification codes</h3> | ||
| |
1.18 | 107 | </div> |
| |
6.7 | 108 | |
| |
1.18 | 109 | <p> |
| 110 | Users can receive one-time verification codes by email when an authenticator app is not available or preferred. | ||
| 111 | </p> | ||
| 112 | </article> | ||
| 113 | </div> | ||
| |
1.2 | 114 | </div> |
| |
1.18 | 115 | </section> |
| 116 | |||
| 117 | <section class="product-section-muted" aria-labelledby="security-title"> | ||
| 118 | <div class="container"> | ||
| 119 | <div class="product-layout"> | ||
| 120 | <article class="product-summary-card"> | ||
| 121 | <h2 id="security-title">Useful for XWiki security and NIS 2 readiness</h2> | ||
| 122 | |||
| 123 | <p> | ||
| 124 | Many organizations need multi-factor authentication for enterprise software, including internal | ||
| 125 | knowledge bases, intranets, documentation platforms and systems containing operational procedures | ||
| 126 | or sensitive business information. | ||
| 127 | </p> | ||
| 128 | |||
| 129 | <p> | ||
| 130 | For organizations using XWiki, adding two-factor authentication directly to the standard login flow | ||
| 131 | can help close a practical access-control gap. It can be useful for administrator accounts, remote users, | ||
| 132 | private knowledge bases and broader security readiness initiatives such as NIS 2 preparation. | ||
| 133 | </p> | ||
| 134 | |||
| 135 | <p> | ||
| 136 | This extension is not a complete compliance solution on its own, but it can provide an important | ||
| 137 | technical control for protecting access to XWiki. | ||
| 138 | </p> | ||
| 139 | </article> | ||
| 140 | |||
| 141 | <aside class="product-info-card" aria-labelledby="security-controls-title"> | ||
| 142 | <h3 id="security-controls-title">Useful for</h3> | ||
| 143 | <ul> | ||
| 144 | <li>XWiki 2FA rollout</li> | ||
| 145 | <li>XWiki MFA adoption</li> | ||
| 146 | <li>Administrator account protection</li> | ||
| 147 | <li>Remote user access protection</li> | ||
| 148 | <li>Private knowledge base security</li> | ||
| 149 | <li>NIS 2 readiness initiatives</li> | ||
| 150 | </ul> | ||
| 151 | </aside> | ||
| 152 | </div> | ||
| 153 | </div> | ||
| 154 | </section> | ||
| 155 | |||
| 156 | <section class="cta-section" aria-labelledby="cta-title"> | ||
| 157 | <div class="container"> | ||
| 158 | <div class="cta-panel"> | ||
| 159 | <h2 id="cta-title">Interested in using this extension?</h2> | ||
| 160 | <p> | ||
| 161 | Send a short message with your XWiki version, authentication setup, and whether you need | ||
| 162 | authenticator app codes, email verification codes, combined verification, or trusted-device remembering. | ||
| 163 | </p> | ||
| 164 | <a class="btn btn-primary" href="$xwiki.getURL('contact.WebHome')">Contact Agnease</a> | ||
| 165 | </div> | ||
| 166 | </div> | ||
| 167 | </section> | ||
| 168 | |||
| 169 | {{/html}} | ||
| 170 | {{/velocity}} |