Search Results :


Two Factor Authentication
2FA/MFA Plugin for Joomla

The miniOrange Joomla Two Factor Authentication plugin is a safe and easy-to-use plugin that offers over 15 different two factor authentication methods for logging into Joomla, including Google Authenticator, TOTP, OTP over SMS, OTP over email, Push Notifications, and OTP over Telegram / WhatsApp. With this plugin, you can add an extra layer of security to your Joomla website and protect your users from unauthorized access. The plugin is incredibly simple to set up and use, and it is compatible with all versions of Joomla.

Joomla 2FA/MFA plugin

What is Joomla Two Factor Authentication?

Joomla Two Factor Authentication

Joomla Two Factor Authentication (TFA/MFA) is a security feature that requires users to provide further proof of identity when accessing a Joomla website. The first factor is typically a password, and the second factor authentication can be a unique code sent via text, or a time-based code on an authentication app. This feature adds an extra layer of security to your Joomla website and protects your users from unauthorized access.

Why use Joomla Two Factor Authentication?

Protect user accounts from unauthorized access

If someone steals or guesses a user's password, they still need another factor, such as a code sent to the user's phone or a fingerprint scan, to log in to the account. This makes it much harder for hackers to break into the user's accounts and access their personal information.

Easy to set up and use

Many websites and services offer 2FA as an option or a requirement for their users. You can enable 2FA in your site using our plugin and choose the method that suits you best, such as SMS, email, app, or biometric. Once you set up 2FA, you only need to enter the second factor when you log in from a new device or location, or after a certain period of time.

Reduces the risk of identity theft

Identity theft and fraud can have serious consequences. You can prevent hackers from using your stolen credentials or making fraudulent transactions on your behalf by using a second factor authentication.

Why is 2FA/MFA in Joomla Needed

Key Features for our Joomla 2FA/MFA Plugin

Joomla 2FA/MFA Plugin Role Based TFA

Role Based TFA

You can enable Two Factor Authentication (TFA) or Multi-Factor Authentication (MFA) for specific user roles in Joomla. TFA will only be invoked for users who fall under the roles you save.

Joomla 2FA/MFA Plugin Domain Based TFA

Domain Based TFA

You can enable Two Factor Authentication (TFA) or Multi-Factor Authentication (MFA) for specific domains. TFA will be invoked if the users belong to the configured domain.

Joomla 2FA/MFA Plugin Compatible with Joomla 5

Compatible with Joomla 5

The miniOrange Joomla Two Factor Authentication plugin is compatible with Joomla 3, 4 and Joomla 5. You don’t need to install a new plugin for Joomla 5.

Joomla 2FA/MFA Plugin Passwordless Login

Passwordless Login

Provides passwordless authentication during login, which requires users to enter only their username and one-time password (OTP). Therefore, a password is not necessary.

Joomla 2FA/MFA Plugin Remember my Device

Remember my Device

By using this feature, you can save your frequently used devices, which will eliminate the need to verify your identity every time you use the same device.

Joomla 2FA/MFA Plugin Back-Up Methods

Back-Up Methods

Our MFA plugin offers various backup methods for you to log into your account in case you have lost your phone or you are logged out of your account.

Login Form Integrations

The majority of the Joomla login forms are supported by us. Our Joomla TFA/MFA plugin is tested with nearly all of the forms mentioned above and more.

If there is any custom login form where Two Factor is not initiated for you, please reach out to us by dropping a query at

Pricing Plans for Everyone


For 1 User Only



For 1+ Users

Yearly Subscription Fees

On Premise

For 1+ Users


Feature Comparison

Features Free Premium On Premise
All Authentication Methods
Remember My Device
Login with phone number
2FA on profile update
Passwordless login
Enforce 2FA registration for users
Supports all the languages
Backup security questions (KBA)
Add your own security questions
Customize number of KBA to be asked while login
Backup codes
Change app name in Google authenticator app
Custom Email Templates
Custom SMS Templates
Custom OTP length and validity
Backdoor URL (incase you get locked out)
Enable Role based TFA
IP specific TFA (Whitelisting IP Address)
Select TFA methods to be configured by end users
TFA over Password Reset
24/7 Support

Knowledge Base

Frequently Asked Questions

Does miniOrange store any user data?

miniOrange does not store or transfer any data out of your systems. All the plugins are completely on premise. All the data remains within your premises / server.

Does miniOrange offer technical support?

Yes, we provide 24*7 support for all and any issues you might face while using the plugin, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.

What is our refund policy?

At miniOrange, we want to ensure you are 100% happy with your purchase. If the licensed plugin you purchased is not working as advertised and you've attempted to resolve any feature issues with our support team but couldn't get them resolved, we will refund the amount paid for the plugin. Please note that we will not refund any fees paid for support plans, support hours, or customization charges.

Note that this policy does not cover the following:
1) Change in mind or change in requirements after purchase.
2) Infrastructure issues do not allow the functionality to work.

If you have any other queries regarding the return policy email us at

Is this an annual or a monthly charge?

This is an annual subscription. You would need to renew the license every year, in order to get the plugin updates that include security patches and compatibility changes with the latest versions of PHP, MySQL, and Joomla.

What happens if I do not renew my license?

If you decide to not renew your license, you will be able to continue to use our plugin but you won't receive any updates after your license period.

What is one instance?

A Joomla instance refers to a single installation of a Joomla site. It refers to each individual website where the plugin is active. In the case of a single site Joomla, each website will be counted as a single instance.

Frequently Asked Questions

How do i manage my trusted devices?
If I enable the 'Change TFA method for users' feature then how will it work?
What happens if I lose my phone?
How can I see which users have 2FA enabled in my organization?
How the passwordless login works with TFA enabled?
I want to enable only one authentication method for my users. What should I do?
Can I choose to enforce TFA only for End Users or Admins. How can I do it?
Is there any option with which users have the option to skip the TFA setup?
Can admin reset TFA for a particular user?
If I originally set up TFA with one email address but have since changed my email, where will I receive the verification code: on my old email or the new one?
I am facing issue in scanning QR code, what is the reason behind the error?
My Users are not being prompted for 2-factor during login. Why?
I want to create my own Security Questions, how do I do that?
I want to customized UI of Login Pop up’s, how I do that?
I want to reset Two Factor for my users, how I do that?

Get Your 7-Day Free Trial Now

No Credit Card Required

  Explore all the features the plugin has to offer.

  Integrate with any platform of your choice.

  24*7 support to help you with the setup.

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

Why Choose miniOrange?

24/7 Customer Support

We are 24/7 available for your query resolutions, on email and phone support. Just one click away.

Strong Domain Expertise

miniOrange is a domain expert in IAM products such as SSO, 2FA, MFA, and custom enterprise solutions.

Custom Development

We offer custom plugins (extensions) that are developed and tailored to your needs.

Extensive Setup Guides

Easy and precise step-by-step instructions by videos to help you configure within minutes.

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to