Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Registration Settings

The "OTP at Registration" feature in the miniOrange Joomla Multi-Factor Authentication plugin adds an extra layer of security by requiring users to verify their identity with a One-Time Password (OTP) during signup. The OTP is sent via email or SMS, based on the chosen method.

This ensures that only users with valid contact details can complete registration, reducing fake signups, spam accounts, and bot abuse. Registration is completed only after the correct OTP is entered, confirming the authenticity of the provided email or phone number.

Joomla Multi-Factor Authentication | 2-Step Verification for Joomla

Available Configuration Settings

1. Enable During Registration

This setting activates the OTP verification step during the user registration process. When turned on, every new user must complete OTP verification before their account is created.

Verification Method

Choose how the OTP will be delivered to the user:

Email – Sends the OTP to the user's provided email address.
SMS – Delivers the OTP to the user's phone via text message.
Email or SMS – The Email or SMS option allows you to send the One-Time Password to the user, who will receive the same OTP on both their registered email address and mobile number via SMS.
Email and SMS – The Email and SMS option allows you to send different OTPs simultaneously to the user's registered email address and mobile number.

Number of Resend Attempts

Set the maximum number of times a user can click “Resend OTP” during the registration process. This helps prevent misuse or abuse by bots or malicious users who might attempt to flood inboxes or trigger excessive SMS transactions.

Selecting “Default” allows unlimited resends.
You can define a specific limit (e.g., 3 attempts) to control user behavior and reduce spam.

Note: Setting a resend limit helps prevent excessive OTP requests, while still ensuring a smooth registration experience.

2. MFA After Registration

Joomla Multi-Factor Authentication | 2-Step Verification for Joomla

Enable this option to automatically enforce Multi-Factor Authentication immediately after a user completes the registration process. Once users sign up, they will be required to set up and configure their MFA method.

Note: Enabling this ensures that every new user is automatically protected with an extra layer of security. If left unchecked, the MFA setup will be prompted at the user's first login after the MFA feature is enabled in the login settings.

3. Email Domain Restriction – Feature Overview

This feature allows you to control who can register on your Joomla site based on their email domain, helping to reduce spam, unauthorized signups, or registrations from unwanted sources.

Joomla Multi-Factor Authentication | 2-Step Verification for Joomla

You can configure the plugin in two ways:

Allow Domains
Only users with email addresses from the specified domains will be permitted to register. All other domains will be blocked automatically.

Example: If you enter company.com;partner.org, only users with emails like user@company.com or name@partner.org will be able to create an account.

Block Domains
This option allows you to explicitly prevent registrations from certain domains. Any user trying to register with an email address from a blocked domain will be rejected during signup.

Example: Adding gmail.com;yahoo.com will block all users trying to register using these email domains.

4. Country Code

Joomla Multi-Factor Authentication | 2-Step Verification for Joomla

This option allows administrators to set a default country code for user registration, ensuring that users don’t have to manually input their country code during the signup process. Once configured, the selected country code is automatically applied, helping to streamline and simplify the registration experience, especially for users from a specific target region.

5. Block Country Code

Joomla Multi-Factor Authentication | 2-Step Verification for Joomla

This feature enables you to restrict user registrations based on specific country codes, enhancing control over who can access your Joomla site. If a particular country code is listed in the restriction settings, any user attempting to register with a phone number from that region will be automatically blocked from completing the signup process.

This is especially useful for preventing spam, ensuring regional compliance, or limiting access to approved geographic locations.