@nikosdion nikosdion released this Sep 4, 2018

Assets 3

Release highlights

See which users have 2SV enabled or not. A new page in the backend of the component gives you an overview of the 2SV status of your users.

Ability to force-disable TSV for specific user groups. Highly discouraged. In some cases you may want to prevent certain user groups from applying two step verification. This leads to decreased security of their accounts. Use wisely or, better yet, do not use it at all.

Forced 2SV for specific user groups (gh-49). Require certain user groups to enable two step verification for their accounts. They won't be allowed access to the site until they enable 2SV on their accounts. This is strongly recommended for anyone who can publish information directly or make changes to your site (not just Super Users but also Administrators, Publishers, Editors etc).

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6, 3.7 and 3.8.

Akeeba LoginGuard requires PHP 5.4 or later. It's also compatible with PHP 5.5, 5.6, 7.0, 7.1 and 7.2.

We strongly recommend using the latest published Joomla! version and PHP 7.2 or later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Changelog

New

  • Users page to see which users have 2SV enabled or not
  • Ability to force-disable TSV for specific user groups
  • gh-49 Forced 2SV for specific user groups

Other changes

  • Joomla! 3.9 backend Components menu item compatibility
  • Allow com_ajax in the captive page (used by cookie banners and similar)

Bug fixes

  • U2F might fail on Firefox due to a missing semicolon

@nikosdion nikosdion released this May 22, 2018 · 11 commits to development since this release

Assets 3

Release highlights

Rewritten interface using the FOF framework. This version of Akeeba LoginGuard uses our FOF framework instead of Joomla's core MVC framework. This allows us to support a wider variety of Joomla! versions more easily and with much less pain for you.

Rewritten interface using our own CSS framework. We have created our own CSS framework which works across different Joomla! versions and even with templates which don't use Bootstrap (the official CSS framework of Joomla! itself). This makes our software better looking in even more sites without customization right out of the box.

Preliminary Joomla! 4 compatibility (tested against 4.0.0 Alpha 2). Our software includes preliminary compatibility for Joomla! 4. We have tested our software against Joomla! 4.0.0 Alpha 2. We cannot promise that this will ensure compatibility with Joomla! 4 stable. Depending on how Joomla! 4 development proceeds we may have to postpone or temporarily suspend Joomla! 4 compatibility in the future.

Minimum requirements increased to PHP 5.4 or later. Tested up to and including PHP 7.2.. This version of our software no longer supports PHP 5.3. Please note that PHP 5.3 has been end of life since August 14th, 2014.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6, 3.7 and 3.8. Preliminary support for Joomla! 4 is present but does not guarantee compatibility with a future release of Joomla! 4 stable and be postponed or temporarily suspended depending on Joomla 4's development.

Akeeba LoginGuard requires PHP 5.4 or later. It's also compatible with PHP 5.5, 5.6, 7.0, 7.1 and 7.2.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Language files

Akeeba LoginGuard comes with English (Great Britain) language built-in. Installation packages for other languages are available on our language download page.

Changelog

Other changes

  • Rewritten interface using the FOF framework
  • Rewritten interface using our own CSS framework
  • Preliminary Joomla! 4 compatibility (tested against 4.0.0 Alpha 2)
  • Minimum requirements increased to PHP 5.4 or later. Tested up to and including PHP 7.2.

Bug fixes

  • PHP Notice when the user does not have any backup codes (it can only happen if you tamper with the database).

@nikosdion nikosdion released this Apr 3, 2018 · 41 commits to development since this release

Assets 3

Release highlights

Rewritten interface using the FOF framework. This version of Akeeba LoginGuard uses our FOF framework instead of Joomla's core MVC framework. This allows us to support a wider variety of Joomla! versions more easily and with much less pain for you.

Rewritten interface using our own CSS framework. We have created our own CSS framework which works across different Joomla! versions and even with templates which don't use Bootstrap (the official CSS framework of Joomla! itself). This makes our software better looking in even more sites without customization right out of the box.

Preliminary Joomla! 4 compatibility (tested against 4.0.0 Alpha 2). Our software includes preliminary compatibility for Joomla! 4. We have tested our software against Joomla! 4.0.0 Alpha 2. We cannot promise that this will ensure compatibility with Joomla! 4 stable. Depending on how Joomla! 4 development proceeds we may have to postpone or temporarily suspend Joomla! 4 compatibility in the future.

Minimum requirements increased to PHP 5.4 or later. Tested up to and including PHP 7.2.. This version of our software no longer supports PHP 5.3. Please note that PHP 5.3 has been end of life since August 14th, 2014.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6, 3.7 and 3.8. Preliminary support for Joomla! 4 is present but does not guarantee compatibility with a future release of Joomla! 4 stable and be postponed or temporarily suspended depending on Joomla 4's development.

Akeeba LoginGuard requires PHP 5.4 or later. It's also compatible with PHP 5.5, 5.6, 7.0, 7.1 and 7.2.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Language files

Akeeba LoginGuard comes with English (Great Britain) language built-in. Installation packages for other languages are available on our language download page.

Changelog

Other changes

  • Rewritten interface using the FOF framework
  • Rewritten interface using our own CSS framework
  • Preliminary Joomla! 4 compatibility (tested against 4.0.0 Alpha 2)
  • Minimum requirements increased to PHP 5.4 or later. Tested up to and including PHP 7.2.

Bug fixes

  • PHP Notice when the user does not have any backup codes (it can only happen if you tamper with the database).

@nikosdion nikosdion released this Mar 26, 2018 · 47 commits to development since this release

Assets 3

Release highlights

Rewritten interface using the FOF framework. This version of Akeeba LoginGuard uses our FOF framework instead of Joomla's core MVC framework. This allows us to support a wider variety of Joomla! versions more easily and with much less pain for you.

Rewritten interface using our own CSS framework. We have created our own CSS framework which works across different Joomla! versions and even with templates which don't use Bootstrap (the official CSS framework of Joomla! itself). This makes our software better looking in even more sites without customization right out of the box.

Preliminary Joomla! 4 compatibility (tested against 4.0.0 Alpha 2). Our software includes preliminary compatibility for Joomla! 4. We have tested our software against Joomla! 4.0.0 Alpha 2. We cannot promise that this will ensure compatibility with Joomla! 4 stable. Depending on how Joomla! 4 development proceeds we may have to postpone or temporarily suspend Joomla! 4 compatibility in the future.

Minimum requirements increased to PHP 5.4 or later. Tested up to and including PHP 7.2.. This version of our software no longer supports PHP 5.3. Please note that PHP 5.3 has been end of life since August 14th, 2014.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6, 3.7 and 3.8. Preliminary support for Joomla! 4 is present but does not guarantee compatibility with a future release of Joomla! 4 stable and be postponed or temporarily suspended depending on Joomla 4's development.

Akeeba LoginGuard requires PHP 5.4 or later. It's also compatible with PHP 5.5, 5.6, 7.0, 7.1 and 7.2.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Language files

Akeeba LoginGuard comes with English (Great Britain) language built-in. Installation packages for other languages are available on our language download page.

Changelog

Other changes

  • Rewritten interface using the FOF framework
  • Rewritten interface using our own CSS framework
  • Preliminary Joomla! 4 compatibility (tested against 4.0.0 Alpha 2)
  • Minimum requirements increased to PHP 5.4 or later. Tested up to and including PHP 7.2.

Bug fixes

  • PHP Notice when the user does not have any backup codes (it can only happen if you tamper with the database).

@nikosdion nikosdion released this Sep 20, 2017 · 106 commits to development since this release

Assets 3

Release highlights

Backup codes are more obvious. We changed the way the Backup Codes header renders to make their existence and intent more obvious to your site's users.

Auto-focus the two step verification field. So you can just type your code / press the button on your YubiKey without needing to move your hands off the keyboard or hit TAB a million times.

Bug fixes. A number of bugs and oversights have been corrected in this version.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6, 3.7 and 3.8. It requires PHP 5.3.10 or later, the same minimum PHP version as Joomla! itself. It's also compatible with PHP 5.4, 5.5, 5.6, 7.0, 7.1 and 7.2.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or 7.1 later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Changelog

Other changes

  • Make the intent of Backup Codes more obvious
  • Auto-focus the two step verification field
  • Do not escape the LoginGuard method title (allows for title formatting, e.g. with the backup codes method)

Bug fixes

  • The emergency backup codes could be reused

@nikosdion nikosdion released this Jul 18, 2017 · 117 commits to development since this release

Assets 3

Release highlights

Improved U2F. You don't have to press a button on the screen to start the U2F authentication process, just like GitHub implements it.

Show the TFA status in the user profile page. Yuu can now see the TFA status and quickly turn it off from the user profile page.

Bug fixes. A number of bugs and oversights have been corrected in this version.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6 and 3.7. It requires PHP 5.3.10 or later, the same minimum PHP version as Joomla! itself. It's also compatible with PHP 5.4, 5.5, 5.6, 7.0 and 7.1.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or 7.1 later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Changelog

Other changes

  • Improved static media versioning.
  • Security Key (U2F) plugin: start the U2F validation request immediately, without having to press the button on the screen.
  • Security Key (U2F) plugin: do not show the confusing Validate button.
  • Show TFA status in the Profile status page (before editing).

Bug fixes

  • Missing file.
  • PHP warnings on Joomla! 3.7.0 because Joomla! broke backwards compatibility, again.
  • Disabling method batching doesn't display each authentication method separately in the captive page.
  • Backup Codes not shown in the authentication method selection page.
  • Workaround for Joomla! Bug 16147 (joomla/joomla-cms#16147) - Cannot access component after installation when cache is enabled

@nikosdion nikosdion released this Apr 24, 2017 · 128 commits to development since this release

Assets 3

Release highlights

More Second Step Verification methods. You can now send authentication codes to users using e-mail, push messages or texts (SMS).

Compatible with Joomla's Remember Me feature. When you are logged back into the site through Joomla!'s Remember Me feature's cookies you will not be asked to re-authenticate.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6 and 3.7. It requires PHP 5.3.10 or later, the same minimum PHP version as Joomla! itself. It's also compatible with PHP 5.4, 5.5, 5.6, 7.0 and 7.1.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or 7.1 later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Changelog

New features

  • Send authentication code by email
  • Send authentication code by push message (using PushBullet)
  • Send authentication code by mobile text message (using SMSAPI.com)
  • Don't ask for 2SV when the Remember Me plugin logs you back in

Bug fixes

  • The query disappears from the URL after authenticating the second factor
  • You can see the first time setup page after logging out
  • Some browser and server combinations end up with the browser sending double requests to the captive login page making U2F authentication all but impossible.
  • Missing file

@nikosdion nikosdion released this Apr 24, 2017 · 139 commits to master since this release

Assets 3

Release highlights

More Second Step Verification methods. You can now send authentication codes to users using e-mail, push messages or texts (SMS).

Compatible with Joomla's Remember Me feature. When you are logged back into the site through Joomla!'s Remember Me feature's cookies you will not be asked to re-authenticate.

For more information and documentation for administrators, users and developers please consult the documentation Wiki.

Joomla and PHP Compatibility

Akeeba LoginGuard is compatible with Joomla! 3.4, 3.5, 3.6 and 3.7. It requires PHP 5.3.10 or later, the same minimum PHP version as Joomla! itself. It's also compatible with PHP 5.4, 5.5, 5.6, 7.0 and 7.1.

We strongly recommend using the latest published Joomla! version and PHP 7.0 or 7.1 later for optimal security of your site. It makes no sense adding two step login verification to a site that's running vulnerable software. It's like locking your door and leaving your windows wide open. It will not keep the bad guys out.

Changelog

New features

  • Send authentication code by email
  • Send authentication code by push message (using PushBullet)
  • Send authentication code by mobile text message (using SMSAPI.com)
  • Don't ask for 2SV when the Remember Me plugin logs you back in

Bug fixes

  • The query disappears from the URL after authenticating the second factor
  • You can see the first time setup page after logging out
  • Some browser and server combinations end up with the browser sending double requests to the captive login page making U2F authentication all but impossible.
Mar 12, 2017
Tagging 1.0.0
Mar 1, 2017
Close gh-5 U2F plugin
Better layout