TwoWay is a plugin providing Two Step Authentication to securely access you liferay portal.
2-way verification adds an extra layer of security for your Liferay Portal account by requiring you to enter a verification code in addition to your username and password, when signing in to your account.
The activation process and the User Experience is very similar to the google Two Step Authentication and you can refer to the documentation page for more information at http://goo.gl/XH6ys
Main features are Liferay TwoWay Authentication:
- It works seamlessly with the Google Authenticator app available for free for iPhone, iPad and Android devices. Please note that the authentication code is based on time so your device time must be in sync to the time of your server (no matter for the timezone).
- Authentication code can also be received through SMS. At the moment we interfaced the Twilio API
- Portal Admin can configure the plugin in the control panel, specifying the authorization parameters for the corporate Twilio account that will be billed for the SMS. You can also register to www.twilio.com for a demo account to test the plugin. May you require a different SMS gateway, please contact us at email@example.com.
- Backup codes are supported so that you can access your portal account even in case of limited access to you device. The user can generate 10 backup codes that work as an only once password to access their account. Backup code can be discarded at any time by the user in their control panel.
- User ca define application specific passwords, so for example you can activate TwoWay Authentication and still connect to you Document and Media Library folders using Liferay Sync or connect your external app that connects to the user's accoutn using Liferay SOAP/REST API.
- Once deployed on you portal, users can activate TwoWay from the menu in their profile or through control panel. Being this a limited free version f the plugin, only regular users can activate the TwoWay Authentication. Portal Admin can't do that at the moment. May you be interested in premium features and Enterprise Support, please contact us at firstname.lastname@example.org
More end user and advanced administrator features are in our roadmap. May you be interested in further information please contact us at email@example.com
Portal Admin NOTE: you have to manually configure you portal-ext.properties adding auth.pipeline.enable.liferay.check=false
We're investigating how to keep auth pipeline enabled (thus granting support to external LDAP integrations and so on ...)