Introduction
OTP Email MFA is a multi-factor authentication plugin that sends a one-time password to a user's email, providing an additional layer of security.
Multi-Factor Authentication (MFA) is a security best practice that adds an extra layer of protection on top of a username and password combination. By requiring an additional authentication code from a trusted device, MFA safeguards access to a user’s account even if the password is compromised.
Get Started
Steps to Import this Plugin
1. Go to the website https://github.com/jogetoss/otp-email-mfa.
2. Go to the "Releases" page (See Figure 1).
Figure 1
3. Click on the .jar file to initiate the download (See Figure 2).
Figure 2
4. Go to your Joget Workflow localhost or server and log in as admin.
5. In the Joget Console, navigate to "Admin Bar > System Settings > Manage Plugins" and click the "Upload Plugins" button.
6. In "Upload Plugin", select the plugin .jar file you just downloaded, then click "Upload".
7. You should be able to view the newly installed plugin under the "Installed Plugins" tab.
8. Remember to always uninstall the old plugin before uploading a new version.
9. The Joget Workflow Knowledge Base has more information on managing and developing plugins.
Steps to Use this Plugin
Steps for Administrators
1. Start the Joget server and open the App Center.
2. Log in as admin, click on Settings in the admin bar, and navigate to Directory Manager Settings. (See Figure 3)
Figure 3
3. Choose the Security Enhanced Directory Manager in the Select Plugin field, select OTP Email MFA Authenticator for the Multi-Factor Authenticator property, and click "Submit". (See Figure 4)
Figure 4
5. Once the OTP Email MFA Authenticator has been enabled, users will be able to enable MFA individually in their User profile.
Steps for Users
1. Users can activate OTP Email MFA Authenticator in their respective user profiles by clicking the "Activate" button. (See Figure 5)
Figure 5
2. Before activating OTP Email MFA Authenticator, users should make sure that a valid and working email address is registered in their profile under the User Details section, because the email containing the OTP will be sent to this registered address.
3. A popup dialog will appear with a Password field for entering the OTP sent to the user's email. If the code is valid, OTP Email MFA will be activated (See Figure 6).
Figure 6
4. Users should always remember to save their user profile after activating MFA.
5. On subsequent logins, users will be prompted for an OTP, which will always be sent to the user's email.
Deactivating Multi-Factor Authentication
1. As a user, you can disable OTP Email MFA Authenticator by clicking on the Deactivate button in your user profile. (See Figure 7)
Figure 7
2. Administrators can also disable MFA for a specific user by selecting Setup Users under Users in the admin bar and clicking on the Deactivate MFA button. (See Figure 8)
Figure 8
One-time Password Email MFA Authenticator Properties
Configure One-time Password Email MFA Authenticator
Name | Description |
---|---|
Validity Period (minute) | How long, in minutes, the one-time password (OTP) sent to the email address registered in the user's profile remains valid. The default value is 5 minutes. |
Subject | The subject of the email with the OTP. |
Message | The message to be displayed in the email. |