Make it harder for attackers to get a hold of your users accounts but also use it as a way for you to be sure that your users gave you legitimate contact information.
Security is important! Privacy as well! You want your users to feel safe when using your services and therefore you do whatever possible to enforce that feeling:
- use a SSL
- increase password complexity (in time, MyFavouritePassword changed to MyF@v0ur1t3P@ssword and now looks likeĀ !^*3n?w_H6wrU=JYunYX)
- lock accounts for X amount of time after Y failed login attempts
But even so you're not 100% protected. Brute forcing is like eating chips in front of the TV now and all the above might delay it but will never stop the inevitable.
Take action and implement a 2 step authentication login to increase your users account security.
Here's the full video tutorial that shows you how to implement two step login with a couple of DNN Sharp modules and some Add-ons to spice things up. It is most definitely not the perfect implementation but you can consider it a Proof Of Concept and work around it to build something better and most of all better looking.
Here's the perfect recipe of a simple 2 factor authentication (2FA) implementation in DotNetNuke:
- you take 1 spoon of TabsPro (just to show the 2 forms in tabs but you can also achieve this with a little bootstrap of your own)
- add a pinch of couple Action Form fields and buttons
- spice that up with a couple of add-ons (like Clickatell for example) to easily send SMS to users
- stir well and then place them nicely on a DNN website
Watch the video tutorial to see our "Chef" in action and don't be afraid to experiment with a couple ingredients of your own (CSS, HTML, Javascript, jQuery, Bootstrap).