Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons

Reply
 
Thread Tools
Infinity: Dual Authentication LITE Details »»
Infinity: Dual Authentication LITE
Version: 1.00, by ENZO-F ENZO-F is offline
Developer Last Online: Jun 2017 Show Printable Version Email this Page

Category: Major Additions - Version: 4.1.10 Rating:
Released: 01-13-2012 Last Update: 01-13-2012 Installs: 21
DB Changes Uses Plugins Template Edits Auto-Templates
Additional Files  
No support by the author.

The ultimate solution in vBulletin site security!


vBulletin 4.1.9 or higher is REQUIRED.
Please PM me regarding pro version, site isn't currently ready.


Dual Authentication is the ultimate solution in vBulletin security and provides secondary authentication measures to user logins and control panel logins. When this is enabled and you login, it comes up with a prompt to enter your second authentication option. Here you must enter a second password which is AES encrypted in the database after being hashed, this eliminates the risk of MySQL injection getting the second password and makes it much harder for a hacker to get into your site (practically impossible).

If you have the pro version, the email one-time password option will send you a 6-digit code that you must enter at the prompt to login, this code changes at every login. The YubiKey option uses the keys found at http://yubico.com to authenticate you, this is the most secure as you must have the actual key. You can also configure the plugin to be used on the control panel only.

Authentication Methods:
- Secondary Password
- Email One-Time Key (Pro Version)
- YubiKey (Pro version)

Features:
- UserCP Dual Authentication Management
- Allow users to retrieve account if they have forgotten secondary authentication information
- Per-Usergroup Authentication Permissions
- Control Panel only option (Pro Version)

Branding free is available, PM me for more information.

Installation Instructions:
1. Upload all files in the upload folder.
2. Upload the product xml into vBulletin.
3. Configure to your liking.

------------------------------------------------------------------------------------------------------
Known Issues
------------------------------------------------------------------------------------------------------

- None.

Please Mark as Installed if you have actually installed this modification and nominate as MoTM!

Screenshots

File Type: png Screen Shot 2012-01-15 at 10.57.37.png (28.4 KB, 0 views)
File Type: png Screen Shot 2012-01-15 at 10.57.55.png (153.0 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
2 благодарности(ей) от:
Brexen, TheLastSuperman

Comments
  #12  
Old 01-15-2012, 02:25 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Control Panel only option (Pro Version)
can you show a screen shot of what this looks like
Reply With Quote
  #13  
Old 01-15-2012, 03:02 PM
ENZO-F's Avatar
ENZO-F ENZO-F is offline
 
Join Date: Jun 2010
Posts: 53
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ForceHSS View Post
Control Panel only option (Pro Version)
can you show a screen shot of what this looks like
It does the same thing, just only on the control panel. Protection where you need it, without disrupting every login.
Reply With Quote
  #14  
Old 01-15-2012, 03:08 PM
New Joe's Avatar
New Joe New Joe is offline
 
Join Date: May 2009
Posts: 1,128
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How does a member set this second password?
Reply With Quote
  #15  
Old 01-15-2012, 03:09 PM
ENZO-F's Avatar
ENZO-F ENZO-F is offline
 
Join Date: Jun 2010
Posts: 53
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by New Joe View Post
How does a member set this second password?
UserCP -> Dual Authentication
Reply With Quote
  #16  
Old 01-15-2012, 03:58 PM
Rich's Avatar
Rich Rich is offline
 
Join Date: Mar 2004
Location: U.S.A
Posts: 921
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Do people really have that many people logging in as other users on their site? I have almost 15k members on my site right now and I haven't had an issue "yet" where people have logged in as another user and my site is several years old. I would think the extra step for authentication via email would actually deter people from registering since nowadays everyone wants quick and fast.
Reply With Quote
  #17  
Old 01-15-2012, 04:05 PM
ENZO-F's Avatar
ENZO-F ENZO-F is offline
 
Join Date: Jun 2010
Posts: 53
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Rich View Post
Do people really have that many people logging in as other users on their site? I have almost 15k members on my site right now and I haven't had an issue "yet" where people have logged in as another user and my site is several years old. I would think the extra step for authentication via email would actually deter people from registering since nowadays everyone wants quick and fast.
It depends on what type of forum you have, as in what your forum is based on.
Reply With Quote
  #18  
Old 01-15-2012, 04:18 PM
Rich's Avatar
Rich Rich is offline
 
Join Date: Mar 2004
Location: U.S.A
Posts: 921
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thats a good point. There really is no benefit to logging in as another user on my site. lol
Reply With Quote
  #19  
Old 01-15-2012, 11:45 PM
ENZO-F's Avatar
ENZO-F ENZO-F is offline
 
Join Date: Jun 2010
Posts: 53
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

People usually try it on boards with premium membership or something similar.
Reply With Quote
  #20  
Old 01-16-2012, 11:56 PM
BSMedia BSMedia is offline
 
Join Date: Feb 2009
Posts: 454
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Rich View Post
I am trying to figure out where you are going with this other than as a means to get a few bucks in your pocket. When you say it increases site security, what exactly do you mean and how exactly does it make the site more secure. I am always interested in making my site more secure but I don't understand how this will do that since the description doesn't say much.
It's going to stop brute force password attempts and thats about it.

Coincidently it can also be stopped by enabling features already in vbulletin. It doesn't make it any harder or easier for a hacker to get in to your site, it won't make your site any more secure. The only thing I see this has is a hinderance and extra step to get your users logged in.
Reply With Quote
  #21  
Old 01-17-2012, 07:01 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Removed this as it is causing alot of lag on my site
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:00 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04911 seconds
  • Memory Usage 2,333KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (11)post_thanks_box
  • (2)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (2)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete