vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 4.x Add-ons (https://vborg.vbsupport.ru/forumdisplay.php?f=245)
-   -   Major Additions - Infinity: Dual Authentication LITE (https://vborg.vbsupport.ru/showthread.php?t=276988)

ENZO-F 01-13-2012 11:00 PM
Infinity: Dual Authentication LITE
 
1 Attachment(s)
The ultimate solution in vBulletin site security!


vBulletin 4.1.9 or higher is REQUIRED.
Please PM me regarding pro version, site isn't currently ready. :p

Dual Authentication is the ultimate solution in vBulletin security and provides secondary authentication measures to user logins and control panel logins. When this is enabled and you login, it comes up with a prompt to enter your second authentication option. Here you must enter a second password which is AES encrypted in the database after being hashed, this eliminates the risk of MySQL injection getting the second password and makes it much harder for a hacker to get into your site (practically impossible).

If you have the pro version, the email one-time password option will send you a 6-digit code that you must enter at the prompt to login, this code changes at every login. The YubiKey option uses the keys found at http://yubico.com to authenticate you, this is the most secure as you must have the actual key. You can also configure the plugin to be used on the control panel only.

Authentication Methods:
- Secondary Password
- Email One-Time Key (Pro Version)
- YubiKey (Pro version)

Features:
- UserCP Dual Authentication Management
- Allow users to retrieve account if they have forgotten secondary authentication information
- Per-Usergroup Authentication Permissions
- Control Panel only option (Pro Version)

Branding free is available, PM me for more information.

Installation Instructions:
1. Upload all files in the upload folder.
2. Upload the product xml into vBulletin.
3. Configure to your liking.

------------------------------------------------------------------------------------------------------
Known Issues
------------------------------------------------------------------------------------------------------
- None.

Please Mark as Installed if you have actually installed this modification and nominate as MoTM!

nickk96 01-14-2012 11:16 PM
fgt

tafreeh 01-15-2012 02:15 AM
how much is for pro version and where can we get pro version from ?

Mr_Running 01-15-2012 02:34 AM
ENZO_F
said :)
Quote:
Please PM me regarding pro version, site isn't currently ready.
Branding free is available, PM me for more information

Rich 01-15-2012 04:42 AM
I am trying to figure out where you are going with this other than as a means to get a few bucks in your pocket. When you say it increases site security, what exactly do you mean and how exactly does it make the site more secure. I am always interested in making my site more secure but I don't understand how this will do that since the description doesn't say much.

ENZO-F 01-15-2012 09:57 AM
Quote:
Originally Posted by Rich (Post 2288017)
I am trying to figure out where you are going with this other than as a means to get a few bucks in your pocket. When you say it increases site security, what exactly do you mean and how exactly does it make the site more secure. I am always interested in making my site more secure but I don't understand how this will do that since the description doesn't say much.
When this is enabled and you login, it comes up with a prompt to enter your second authentication option. Here you must enter a second password which is AES encrypted in the database after being hashed, this eliminates the risk of MySQL injection getting the second password and makes it much harder for a hacker to get into your site (practically impossible unless keylogged).

If you have the pro version, the email one-time password will send you a 6-digit code that you must enter at the prompt to login, this code changes at ever login. The YubiKey option uses the keys found at http://yubico.com to authenticate you, this is the most secure as you must have the actual key. :)

ENZO-F 01-15-2012 10:11 AM
Quote:
Originally Posted by tafreeh (Post 2287987)
how much is for pro version and where can we get pro version from ?
PM me.

reversedesigns 01-15-2012 10:43 AM
nice enzo f seen this on ngu works great :)

ForceHSS 01-15-2012 11:19 AM
do we also upload .DS_Store file and the permissions off dualauth.php is 604 ok

ENZO-F 01-15-2012 11:23 AM
Quote:
Originally Posted by ForceHSS (Post 2288102)
do we also upload .DS_Store file and the permissions off dualauth.php is 604 ok
You don't need to upload the .DS_Store file and 604 should be alright, unless you use group permissions.

ForceHSS 01-15-2012 02:25 PM
Control Panel only option (Pro Version)
can you show a screen shot of what this looks like

ENZO-F 01-15-2012 03:02 PM
Quote:
Originally Posted by ForceHSS (Post 2288156)
Control Panel only option (Pro Version)
can you show a screen shot of what this looks like
It does the same thing, just only on the control panel. Protection where you need it, without disrupting every login. :p

New Joe 01-15-2012 03:08 PM
How does a member set this second password?

ENZO-F 01-15-2012 03:09 PM
Quote:
Originally Posted by New Joe (Post 2288181)
How does a member set this second password?
UserCP -> Dual Authentication ;)

Rich 01-15-2012 03:58 PM
Do people really have that many people logging in as other users on their site? I have almost 15k members on my site right now and I haven't had an issue "yet" where people have logged in as another user and my site is several years old. I would think the extra step for authentication via email would actually deter people from registering since nowadays everyone wants quick and fast.

ENZO-F 01-15-2012 04:05 PM
Quote:
Originally Posted by Rich (Post 2288199)
Do people really have that many people logging in as other users on their site? I have almost 15k members on my site right now and I haven't had an issue "yet" where people have logged in as another user and my site is several years old. I would think the extra step for authentication via email would actually deter people from registering since nowadays everyone wants quick and fast.
It depends on what type of forum you have, as in what your forum is based on.

Rich 01-15-2012 04:18 PM
Thats a good point. There really is no benefit to logging in as another user on my site. lol

ENZO-F 01-15-2012 11:45 PM
People usually try it on boards with premium membership or something similar.

BSMedia 01-16-2012 11:56 PM
Quote:
Originally Posted by Rich (Post 2288017)
I am trying to figure out where you are going with this other than as a means to get a few bucks in your pocket. When you say it increases site security, what exactly do you mean and how exactly does it make the site more secure. I am always interested in making my site more secure but I don't understand how this will do that since the description doesn't say much.
It's going to stop brute force password attempts and thats about it.

Coincidently it can also be stopped by enabling features already in vbulletin. It doesn't make it any harder or easier for a hacker to get in to your site, it won't make your site any more secure. The only thing I see this has is a hinderance and extra step to get your users logged in.

ForceHSS 01-17-2012 07:01 PM
Removed this as it is causing alot of lag on my site

Markos 03-08-2012 08:37 AM
Hi ive just installed this last night and the usergoups that don't have permission to use this cant read there pm it says they don't have permission to read there private messages any help ?

Prorockz 11-11-2012 05:45 PM
anything related to vBulletin 3.8x?

craigvm 06-23-2013 07:38 AM
Quote:
Originally Posted by Markos (Post 2307400)
Hi ive just installed this last night and the usergoups that don't have permission to use this cant read there pm it says they don't have permission to read there private messages any help ?
i`m sure i had this issue when i tried it

Polaris4ever12 06-28-2013 02:27 AM
Message me please, or add my skype: Polaris4ever1 I want the pro version, we can talk about this :p

AK47- 07-28-2013 06:04 PM
Pro version seems promising

davidg 07-28-2013 07:11 PM
AK47- what are u trying to say with your post ? and if is free why u dont post the url where people can download the mod ?


All times are GMT. The time now is 01:42 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01932 seconds
  • Memory Usage 1,770KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (9)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (26)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete