This RoundCube plugin adds the Google 2-step verification to the login proccess.
You can use google-authenticator and insert the secret generated into the config, also recovery codes
Uses Michael Kliewe's GoogleAuthenticator class
form js from dynalogin plugin
Also thx to Victor R. Rodriguez Dominguez for some ideas and support
-
Clone from github: HOME_RC/plugins$ git clone https://github.com/alexandregz/twofactor_gauthenticator.git
-
Activate the plugin into HOME_RC/config/main.inc.php: $rcmail_config['plugins'] = array('twofactor_gauthenticator');
Go to Settings task and activate (and save) into "2steps Google verification" menu.
The plugin creates automatically the secret if you doesn't this.
To add accounts to the app, you can use the QR-Code (easy-way) or type the secret.
Also, you can add "Recovery codes" for use one time (they delete when are used). Recovery codes are OPTIONAL, so they can not appears
If config value force_enrollment_users is true, ALL users needs to login with 2-steps method. They receive alert message about that, and they can't skip without save configuration
Codes have a 2*30 seconds clock tolerance, like by default with Google app (Maybe editable in future versions)
GPLv2, see License
Tested with RoundCube 0.9.5 and Google app
Alexandre Espinosa Menor aemenor@gmail.com