Blog

Get the inside scoop at Cyphercor and learn about relevant security news and insights.

Enable Joomla with LoginTC Two-Factor Authentication

March 4, 2014Hernan Matute

LoginTC Joomla Connector Improves Security and Compliance of Joomla Deployments

Cyphercor is pleased to announce its latest set of connector releases providing support to all major open source Content Management Systems (CMS). The LoginTC Joomla Connector provides the foundation to integrate Joomla deployments with LoginTC two-factor authentication services.

Joomla! websites protected with LoginTC can:

  • Prevent unauthorized access
  • Enforce Role Based Access Control (RBAC) to critical Joomla Groups
  • Increase their security posture
  • Meet industry compliance requirements (e.g. PCI, FFIEC, HIPAA)
  • Allow their end-users to access LoginTC-protected content from anywhere / anytime

LoginTC specifically addresses the challenges of separation of duties and related management access enforcement and the auditing of activity and configuration change in your Joomla! deployment. The LoginTC Joomla Connector verifies authentication requests and centrally administers authentication policies for Joomla users and groups. For end-users, the LoginTC app in their mobile device is easy-to-use, convenient, self-contained, and a secure and effective user-identification method.

You can test-drive the LoginTC Joomla Connector by signing up for a LoginTC Starter Account, which is free for up to 10 users. Joomla! administrators can create, install and configure LoginTC in under 30 minutes. The LoginTC Joomla Connector documentation shows you step-by-step instructions on how to enable your Joomla deployment with LoginTC.

Audience

This posting is intended for IT and security administrators, managers, and directors managing Joomla! applications and content in virtualized or physical environments.

LoginTC Joomla Connector supports Joomla versions 2.5+, 3.0 and up.

The LoginTC Joomla Connector Blueprint

Before diving into the configuration of your Joomla! deployment with LoginTC, let’s step back and take a close look at the LoginTC Joomla Connector blueprint. The image below depicts how all the components are put together. The steps necessary for installation and configuration include:

  1. Create your LoginTC Starter Account to create and configure your Joomla Domain
  2. Create your first user in LoginTC Admin to test your Joomla configuration
  3. Install the LoginTC Joomla Connector in your Joomla Admin Extensions
  4. Configure the LoginTC Joomla Connector in the Joomla Plug-in Manager
  5. Select a Joomla Group and a Joomla User that will be your first test configuration with LoginTC
  6. Match the Joomla Username with the LoginTC Username, and
  7. Issue the Activation Code to provision the user’s LoginTC token in your mobile device
Joomla Connector Blueprint

Joomla Connector Blueprint

The blueprint illustrates the authentication flow with the LoginTC Joomla Connector. When you assign a Joomla group to authenticate with LoginTC, users in that group will log-in into Joonmla with LoginTC; all other groups will use the username/password combination.

Configure your Joomla Website with LoginTC

You must create your LoginTC Starter Account to access LoginTC Admin and start the integration of Joomla with LoginTC. Follow the instructions in the LoginTC Joomla Connector to create your first organization and your first LoginTC domain.

Joomla Connector Configured in LoginTC Admin

Joomla Connector Configured in LoginTC Admin

You can uniquely identify your Joomla domain with your own organization or website logo – just upload an image in the Settings page. You can also determine if the LoginTC token must be unlocked with a 4-digit PIN or a passcode.

Provide your Joomla Users with Mobile Notification Content

You can provide your Joomla users with notification content in their mobile LoginTC app. The LoginTC Admin Panel allows you to add Attributes to your Joomla domain. Add the content title and content description in your own language.

Attributes Sent in LoginTC Notification

Attributes Sent in LoginTC Notification

Content added to your Joomla domain will be displayed to your Joomla users during an authentication session in their mobile device to decide if they want to approve or deny the authentication request.

Create your First Joomla User in LoginTC Admin

Now you can add your first Joomla user to the Joomla domain you just created. The Username you choose in the LoginTC Admin panel must be the same Username used in Joomla.

Create a New User and link him to your Joomla Domain

Create a New User and link him to your Joomla Domain

The user e-mail you enter can be used to issue the Activation Code to the user to create the LoginTC token in the LoginTC app.

Install the LoginTC Connector in Joomla

The LoginTC Joomla Connector can be directly installed from your Joomla Administration panel. Simply select Extensions and the Extension Manager and use the Install from URL option. Once installed you can see it in the Plug-in Manager as shown below.

Upload and install the LoginTC Joomla Connector in Joomla Extensions

Upload and install the LoginTC Joomla Connector in Joomla Extensions

Follow the instructions in the LoginTC Joomla Connector documentation to enable your LoginTC connector.

Configure the LoginTC Connector in Joomla

The LoginTC Joomla Connector is configured in the Joomla Plug-in Manager. Follow the instructions to carefully enter the information required for API Configuration, the Groups that must authenticate with LoginTC, and the Request Attributes you want your user to see in the LoginTC notification.

Configure the LoginTC Plug-in in Joomla to Integrate with LoginTC Services

Configure the LoginTC Plug-in in Joomla to Integrate with LoginTC Services

Don’t forget to match your Joomla Username with the LoginTC Username you created in the LoginTC Admin Panel above.

Ready to Test Your LoginTC Connector with Joomla

Now you need to provision the LoginTC token for your Joomla user. Once your user has activated and locked the token, you are ready to test your LoginTC Joomla Connector installation and configuration. The image below shows you the LoginTC app user interface that was configured to test your Joomla deployment.

LoginTC Notification for Joomla Two-Factor Authentication

LoginTC Notification for Joomla Two-Factor Authentication

If you are a Joomla administrator, manager, developer or integrator, give LoginTC a try.

Feedback

To suggest changes and provide feedback on this posting, send e-mail to . Include the name of this posting, the name of the topic to which your comment applies, and your feedback. We thank you in advance for your feedback.

Start protecting your enterprise assets within minutes. Get Started