Search Results :


Drupal Passwordless Authentication Module provides a secure way of logging into your Drupal website. Drupal Passwordless Authentication supports various methods like TOTP ( Google Authenticator, Duo Authenticator, Microsoft Authenticator, Okta Verify Authenticator, Authy Authenticator, LastPass Authenticator, etc ), Face-Recognition, Biomatric, Hardware Token (Yubikey (U2F)), OTP Over Email, OTP Over SMS, OTP Over Call, Security Questions ( KBA ).

Drupal Passwordless Authentication provides features like Role-based, Domain-based, IP whitelisting, Customize KBA questions, Reset Passwordless method, Customize Email and SMS template, Configure your own SMS and Email gateway, etc. Please click here to see the entire feature list.

If you are looking for any other passwordless login method or feature in the module please let us know on, and will add that method/feature for you in the module.

What Are Some Security Features Of Passwordless Authentication?

Secure Passwordless Authentication

Provides passwordless authentication during login via a range of methods (15+ authentication methods), including text message, hardware tokens and many more.

Support for Headless Drupal

Add a passwordless authentication module to your Headless/ Decoupled Drupal site, such that you can authenticate the Passwordless Login Code on the Front End via the Drupal Backend.

Array of Features

Enforcing passwordless authentication for all the users in your site, Backup methods like Security Questions, Backup codes and many more.

Role Based Authentication

You can enable the passwordless authentication for specific roles. Configured 2FA method will be invoked only if the user belongs to a specific group of roles.

Domain Based Authentication

You can enable the passwordless authentication for specific domains. Configured 2FA method will be invoked only if the user belongs to a specific group of domains.


You can customize the email and SMS template to send the OTP/Notification. Also you can customize the length and expiry time of OTP.


Strong Authentication

You can login using username without entering your password

Support All Phones

All types of phones are supported Smart Phones (iPhone, Android, BlackBerry), Basic Phones, Landlines, etc.

Deploy Quickly

It can be deployed for your entire userbase in minutes.

Inline Registration

It offers inline registration of users so you can simply activate and configure the module and you are all set.

24/7 Support

We provide world class continuous support and answers to all your queries and questions if you have any.

Multiple Authentication

We support multi factor authentication for all type of phones such as Soft Token, QR Code Authentication, Push Notification are supported by miniOrange Authenticator App.

Security Questions

If your phone is lost or stolen or discharged, we offer alternate login methods like OTP Over Email and Security Questions (KBA) and if your phone is offline.

Highly Secure

If you want to login from mobile untrusted/unknown device or browser, then any authentication method can be converted into Security Questions (KBA) by just one click.

Why Customers Choose Us?

Extensive Setup Guides
Easy and precise step-by-step instructional videos and setup guides to help you configure the module within minutes.
Customizable Solutions
If you require any customizations in the module, we offer custom built solutions to meet the specific needs of our clients and organizations.
Frequent security updates and a consistent 99% uptime, makes this module highly reliable and stable.
24*7 Active Support
A dedicated support team at your disposal, 24*7. Get instant help or have debugging sessions with our engineers to take a look at your sites.

Licensing Plans


For 1 User - Forever


For 1+ user

Yearly Subscription Fees*

For more than 1000 users - Contact Us

SMS Cost

(Only applicable if you will use SMS based authentication method.)

Feature Comparison




All Authentication Methods*
  • Google Authenticator
  • Duo Authenticator
  • Microsoft Authenticator
  • Okta Verify Authenticator
  • Authy Authenticator
  • LastPass Authenticator
  • miniOrange Authenticator
  • OTP Over SMS
  • OTP Over Email
  • OTP Over SMS and EMAIL
  • OTP Over Phone Call
  • Security Questions (KBA)
  • Push Notifications
  • QR Code Authentication
  • Soft Token
  • Yubikey Hardware Token
  • OTP Over WhatsApp
  • OTP Over Telegram
  • and many more
Supports all the languages
Backup security questions (KBA)
Add your own security questions
Customize number of KBA to be asked while login
Login with email address
Login with phone number
Override login form username title and description
Change app name in Google authenticator app
Custom Email Templates
Custom SMS Templates
Custom OTP length and validity
Backdoor URL (incase you get locked out)
Remember Device
Support for Headless Architecture
Enable Role based Passwordless Authentication
Enforce 2FA registration for users
Select Passwordless methods to be configure by end users
2FA over Password Reset
IP specific Passwordless (Whitelisting IP Address)
End to End Passwordless Integration**

* Few authentication methods need credits like SMS transactions, Email transactions etc.

** End to End Passwordless Integration (additional charges applied)
We will setup a Conference Call / Gotomeeting and do end to end configuration for you to setup the Drupal Passwordless Login module. We provide services to do the configuration on your behalf. If you have any doubts regarding the upgrade plans, you can mail us at

If you are looking for any other Passwordless Authentication method or custom feature, Contact Us.

Knowledge Base

Frequently Asked Questions  
Does miniOrange store any user data?
miniOrange does transfer any data out of your systems or store any Personal Identifiable Information (PII). All* the modules are completely on premise. All the data remains within your premises / server.

*Only for the Drupal 2FA module - We need to store the user's email address. For Risk Based Authentication, information such as device type, location, IP address, and time are necessary to identify the user and give access based on the risk.
Does miniorange provide developer license for paid module?
We do not provide the developer license for our paid module and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the module which can be used by the developers to extend the module's functionality.
Does miniOrange offer technical support?
Yes, we provide 24*7 support for all and any issues you might face while using the module, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.

Payment Methods

Credit Card Payment Option

Credit cards (American Express, Discover, MasterCard, and Visa) - If the payment is made through Credit Card/International Debit Card, the license will be created automatically once the payment is completed.

Bank Transfer

Please drop as an email at so that we can provide you the bank details.

Unique Case Studies

Our primary focus is on providing secure Identity and Access Management solutions around a variety of popular use-cases such as Single Sign On, Two-factor Authentication (TFA/MFA), User Provisioning, LDAP, REST API Authentication, and much more. You can read other case studies that showcase our solutions.

Implement SAML & SCIM solution
International Committee of Red Cross
Switzerland, Europe
SAML & SCIM Implementation for ICRC

We had to implement single sign-on functioning to the site while also performing syncing operations from their Identity provider to the Drupal site through System for Cross-Domain Identity Management(SCIM)

Read more 
Signle Sign On for Headless Drupal System
France, Europe
SSO for Headless Drupal System

One Headless Drupal website acting as a Service Provider and another Headless Drupal website acting as the Identity Provider.

Read more 
Decoupled OAuth - PKCE Single Sign On Flow
United State
Decoupled OAuth - PKCE SSO Flow

Configuring SSO using the OAuth PKCE Protocol on a complex Decoupled Drupal Website using a custom, widely popular Identity Provider (IdP)

Read more 

What Our Customers Have To Say About Us

"I highly recommend the company and the product"

This is a well designed. Implemented and documented product. It installed quickly, worked seamlessly, has very solid configuration options and works exactly as we needed it. I highly recommend the company and the product. I had a number of questions along the way, and each one was answered by the beginning of business with clarity and helpfulness and a good explanation. There are good training videos on the product, which get you 90% of the way there.

Drupal modules | Customer Reviews

Great product, great service!

Drupal modules | Customer Reviews

We had a production issue in the middle of the night and the miniorange support team jumped in and helped us get our site back online. Great product, great service!


Drupal Single Sign-On | Customer Reviews

I had issues with documentation and emailed there support, within a day they responded. withing couple days (due to weekend), we had a zoom meeting with them troubleshooting and eventually walking me thru another configuration.

Excellent Support

Drupal Single Sign-On | Customer Reviews

Well written module paired with excellent support. I was having trouble connecting to our Azure AD B2C custom flow and the support team were very responsive in getting back to me and scheduling a support call. They were able to help me determine the areas that needed fixing and I was up and running pretty quickly.

Read more about what our most pleased consumers have to say!

Reviews & Rating
Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to