Version: 1.00, by ENZO-F
Developer Last Online: Jun 2017
Category: Major Additions -
Version: 4.1.10
Rating:
Released: 01-13-2012
Last Update: 01-13-2012
Installs: 21
DB Changes Uses Plugins Template Edits Auto-Templates
Additional Files
No support by the author.
The ultimate solution in vBulletin site security!
vBulletin 4.1.9 or higher is REQUIRED.
Please PM me regarding pro version, site isn't currently ready.
Dual Authentication is the ultimate solution in vBulletin security and provides secondary authentication measures to user logins and control panel logins. When this is enabled and you login, it comes up with a prompt to enter your second authentication option. Here you must enter a second password which is AES encrypted in the database after being hashed, this eliminates the risk of MySQL injection getting the second password and makes it much harder for a hacker to get into your site (practically impossible).
If you have the pro version, the email one-time password option will send you a 6-digit code that you must enter at the prompt to login, this code changes at every login. The YubiKey option uses the keys found at http://yubico.com to authenticate you, this is the most secure as you must have the actual key. You can also configure the plugin to be used on the control panel only.
Features:
- UserCP Dual Authentication Management
- Allow users to retrieve account if they have forgotten secondary authentication information
- Per-Usergroup Authentication Permissions
- Control Panel only option (Pro Version)
Branding free is available, PM me for more information.
Installation Instructions:
1. Upload all files in the upload folder.
2. Upload the product xml into vBulletin.
3. Configure to your liking.
------------------------------------------------------------------------------------------------------
Known Issues
------------------------------------------------------------------------------------------------------
- None.
Please Mark as Installed if you have actually installed this modification and nominate as MoTM!
Do people really have that many people logging in as other users on their site? I have almost 15k members on my site right now and I haven't had an issue "yet" where people have logged in as another user and my site is several years old. I would think the extra step for authentication via email would actually deter people from registering since nowadays everyone wants quick and fast.
Do people really have that many people logging in as other users on their site? I have almost 15k members on my site right now and I haven't had an issue "yet" where people have logged in as another user and my site is several years old. I would think the extra step for authentication via email would actually deter people from registering since nowadays everyone wants quick and fast.
It depends on what type of forum you have, as in what your forum is based on.
I am trying to figure out where you are going with this other than as a means to get a few bucks in your pocket. When you say it increases site security, what exactly do you mean and how exactly does it make the site more secure. I am always interested in making my site more secure but I don't understand how this will do that since the description doesn't say much.
It's going to stop brute force password attempts and thats about it.
Coincidently it can also be stopped by enabling features already in vbulletin. It doesn't make it any harder or easier for a hacker to get in to your site, it won't make your site any more secure. The only thing I see this has is a hinderance and extra step to get your users logged in.
Infinity: Dual Authentication LITE Details »»
About Developer
DB Changes 
No support by the author.
01-15-2012, 03:02 PM
