Drupal Passwordless Authentication Module provides a secure way of logging into your Drupal website. Drupal Passwordless Authentication supports various methods like TOTP ( Google Authenticator, Duo Authenticator, Microsoft Authenticator, Okta Verify Authenticator, Authy Authenticator, LastPass Authenticator, etc ), Face-Recognition, Biomatric, Hardware Token (Yubikey (U2F)), OTP Over Email, OTP Over SMS, OTP Over Call, Security Questions ( KBA ).
Drupal Passwordless Authentication provides features like Role-based, Domain-based, IP whitelisting, Customize KBA questions, Reset Passwordless method, Customize Email and SMS template, Configure your own SMS and Email gateway, etc. Please click here to see the entire feature list.
If you are looking for any other passwordless login method or feature in the module please let us know on drupalsupport@xecurify.com, and will add that method/feature for you in the module.
What Are Some Security Features Of Passwordless Authentication?
Secure Passwordless Authentication
Provides passwordless authentication during login via a range of methods (15+ authentication methods), including text message, hardware tokens and many more.
Support for Headless Drupal
Add a passwordless authentication module to your Headless/ Decoupled Drupal site, such that you can authenticate the Passwordless Login Code on the Front End via the Drupal Backend.
Array of Features
Enforcing passwordless authentication for all the users in your site, Backup methods like Security Questions, Backup codes and many more.
Role Based Authentication
You can enable the passwordless authentication for specific roles. Configured 2FA method will be invoked only if the user belongs to a specific group of roles.
Domain Based Authentication
You can enable the passwordless authentication for specific domains. Configured 2FA method will be invoked only if the user belongs to a specific group of domains.
Customization
You can customize the email and SMS template to send the OTP/Notification. Also you can customize the length and expiry time of OTP.
Supported Authentication Methods
Time Based Authentication methods
OTP Based Authentication methods
Other Authentication methods
Benefits
Strong Authentication
You can login using username without entering your password
Support All Phones
All types of phones are supported Smart Phones (iPhone, Android, BlackBerry), Basic Phones, Landlines, etc.
Deploy Quickly
It can be deployed for your entire userbase in minutes.
Inline Registration
It offers inline registration of users so you can simply activate and configure the module and you are all set.
24/7 Support
We provide world class continuous support and answers to all your queries and questions if you have any.
Multiple Authentication
Methods
We support multi factor authentication for all type of phones such as Soft Token, QR Code Authentication, Push Notification are supported by miniOrange Authenticator App.
Security Questions
If your phone is lost or stolen or discharged, we offer alternate login methods like OTP Over Email
and Security Questions (KBA) and if your phone is offline.
Highly Secure
If you want to login from mobile untrusted/unknown device or browser, then any authentication
method can be converted into Security Questions (KBA) by just one click.
Why Customers Choose Us?
Licensing Plans
Premium
For 1+ user
Yearly Subscription Fees*
For more than 1000 users - Contact Us
SMS Cost
(Only applicable if you will use SMS based authentication method.)
Feature Comparison
Features |
Free |
Premium |
|---|---|---|
All
Authentication Methods*
|
||
| Supports all the languages | ||
| Backup security questions (KBA) | ||
| Add your own security questions | ||
| Customize number of KBA to be asked while login | ||
| Login with email address | ||
| Login with phone number | ||
| Override login form username title and description | ||
| Change app name in Google authenticator app | ||
| Custom Email Templates | ||
| Custom SMS Templates | ||
| Custom OTP length and validity | ||
| Backdoor URL (incase you get locked out) | ||
| Remember Device | ||
| Support for Headless Architecture | ||
| Enable Role based Passwordless Authentication | ||
| Enforce 2FA registration for users | ||
| Select Passwordless methods to be configure by end users | ||
| 2FA over Password Reset | ||
| IP specific Passwordless (Whitelisting IP Address) | ||
| End to End Passwordless Integration** |
* Few authentication methods need credits like SMS transactions, Email transactions etc.
** End to End Passwordless Integration (additional charges applied)
We will setup a Conference Call / Gotomeeting and do end to end configuration for you to setup the Drupal Passwordless Login module. We provide services to do the configuration on your behalf. If you have any doubts regarding the upgrade plans, you can mail us at drupalsupport@xecurify.com.
If you are looking for any other Passwordless Authentication method or custom feature, Contact Us.
Knowledge Base
*Only for the Drupal 2FA module - We need to store the user's email address. For Risk Based Authentication, information such as device type, location, IP address, and time are necessary to identify the user and give access based on the risk.
Payment Methods
Credit cards (American Express, Discover, MasterCard, and Visa) - If the payment is made through Credit Card/International Debit Card, the license will be created automatically once the payment is completed.
Unique Case Studies
Our primary focus is on providing secure Identity and Access Management solutions around a variety of popular use-cases such as Single Sign On, Two-factor Authentication (TFA/MFA), User Provisioning, LDAP, REST API Authentication, and much more. You can read other case studies that showcase our solutions.
Switzerland, Europe
SAML & SCIM Implementation for ICRC
We had to implement single sign-on functioning to the site while also performing syncing operations from their Identity provider to the Drupal site through System for Cross-Domain Identity Management(SCIM)
Read more
France, Europe
SSO for Headless Drupal System
One Headless Drupal website acting as a Service Provider and another Headless Drupal website acting as the Identity Provider.
Read more
United State
Decoupled OAuth - PKCE SSO Flow
Configuring SSO using the OAuth PKCE Protocol on a complex Decoupled Drupal Website using a custom, widely popular Identity Provider (IdP)
Read moreWhat Our Customers Have To Say About Us
"I highly recommend the company and the product"
This is a well designed. Implemented and documented product. It installed quickly, worked seamlessly, has very solid configuration options and works exactly as we needed it. I highly recommend the company and the product. I had a number of questions along the way, and each one was answered by the beginning of business with clarity and helpfulness and a good explanation. There are good training videos on the product, which get you 90% of the way there.
scott.stewart.va@gmail.com
Great product, great service!
We had a production issue in the middle of the night and the miniorange support team jumped in and helped us get our site back online. Great product, great service!
Troubleshooting
I had issues with documentation and emailed there support, within a day they responded. withing couple days (due to weekend), we had a zoom meeting with them troubleshooting and eventually walking me thru another configuration.
Excellent Support
Well written module paired with excellent support. I was having trouble connecting to our Azure AD B2C custom flow and the support team were very responsive in getting back to me and scheduling a support call. They were able to help me determine the areas that needed fixing and I was up and running pretty quickly.
Read more about what our most pleased consumers have to say!
Reviews & RatingNeed Help? We are right here!
