Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token
This is a Roundcube webmail plugin that enables Duo Security Two Factor Authentication.
It creates an additional page after successful username/password authentication that requires a 2nd Factor of Authentication using Duo Security (push, sms, call, hardware token code).
Install using Composer (https://getcomposer.org) from the root directory of your roundcube installation:
$ composer require lmr/duo_auth
$ composer dumpautoload -o
config.inc.php and modify as necessary.
Enter all keys necessary for integration with Duo in the config.inc.php file.
Assuming a Duo integration has already been created in Duo's Admin Panel, you will be able to find all the information requested in the config.inc.php there.
Author: Alexios Polychronopoulos - Wrote duo_auth for Roundcube.
Author: Leonardo Mariño-Ramírez - Updated the plugin for compatibility with Roundcube 1.3.0.
Author: Johnson Chow - Added support for IPv4 CIDR matching and 2FA overrride for specific users.