{"id":559,"date":"2023-06-08T06:56:12","date_gmt":"2023-06-08T06:56:12","guid":{"rendered":"https:\/\/moceanapi.com\/blog\/?p=559"},"modified":"2023-06-12T06:56:36","modified_gmt":"2023-06-12T06:56:36","slug":"secure-your-drupal-account-with-two-factor-authentication-2fa","status":"publish","type":"post","link":"https:\/\/moceanapi.com\/blog\/secure-your-drupal-account-with-two-factor-authentication-2fa\/","title":{"rendered":"Secure your Drupal account with Two Factor Authentication (2FA)"},"content":{"rendered":"\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#introduction\">Introduction<\/a><\/li><li><a href=\"#step-1-install-mocean-api-2-fa\">Step 1: Install MoceanAPI 2FA<\/a><\/li><li><a href=\"#step-2-connect-mocean-api-account\">Step 2: Connect MoceanAPI account<\/a><ul><li><a href=\"#configure-telephone-number-field\">Configure Telephone Number Field<\/a><\/li><li><a href=\"#configure-2-fa-opt-in-permission\">Configure 2FA opt-in permission<\/a><\/li><li><a href=\"#configure-mocean-api-credentials\">Step 3: Initiate Two Factor Authentication<\/a><\/li><\/ul><\/li><li><a href=\"#step-3-initiate-two-factor-authentication\">Step 3: Initiate Two Factor Authentication<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"introduction\">Introduction<\/h2>\n\n\n\n<p>In today&#8217;s digital landscape, website security has become a paramount concern for organizations and individuals alike. With the rise of cyber threats and hacking attempts, safeguarding sensitive information and ensuring user privacy are crucial aspects of maintaining a secure online presence. When it comes to content management systems (CMS), Drupal stands as a popular and powerful choice for building dynamic websites and applications. However, with its widespread usage, it becomes an attractive target for malicious actors seeking to exploit vulnerabilities and stealing sensitive information to be used for their own selfish reasons whether monetary or not.<\/p>\n\n\n\n<p>To counter these threats and fortify Drupal accounts, implementing robust security measures is imperative. One such powerful tool is Two-Factor Authentication (2FA), a method that provides an additional layer of protection beyond the traditional username-password combination. By incorporating 2FA into Drupal, users can enhance the security of their accounts and significantly reduce the risk of unauthorized access.<\/p>\n\n\n\n<p>Among the various 2FA methods available, SMS-based authentication stands out as a reliable and widely adopted approach. This method involves the user receiving a one-time verification code via SMS to their registered mobile phone number, which they must input along with their username and password during the login process. This simple yet effective technique adds an extra barrier that ensures only authorized individuals can access the Drupal account.<\/p>\n\n\n\n<p>The importance of securing your Drupal account using SMS-based 2FA cannot be overstated. This article will delve into the significance of implementing 2FA, specifically focusing on the SMS authentication method, in Drupal. We will explore how to setup 2FA in your Drupal site. By the end, you will be equipped with the knowledge to fortify your Drupal account and mitigate the risks associated with unauthorized access. Let&#8217;s embark on this journey to strengthen your Drupal security with the power of Two-Factor Authentication.<\/p>\n\n\n\n<p>If you prefer a video tutorial, you can find it <a href=\"https:\/\/www.youtube.com\/watch?v=BEQHo-reGq8\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-1-install-mocean-api-2-fa\">Step 1: Install MoceanAPI 2FA<\/h2>\n\n\n\n<p>1. To install, you need to navigate to your Drupal site\u2019s directory in your server using a terminal<\/p>\n\n\n\n<p>2. Run the command below<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>composer require \"drupal\/telephone_validation:^2.4\"\ncomposer require \"drupal\/mocean_sms_login:^3.0\"<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"770\" height=\"576\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-8.png\" alt=\"\" class=\"wp-image-560\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-8.png 770w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-8-300x224.png 300w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-8-768x575.png 768w\" sizes=\"(max-width: 770px) 100vw, 770px\" \/><\/figure>\n\n\n\n<p>After downloaded<strong>&nbsp;MoceanSMS Login<\/strong>&nbsp;and&nbsp;<strong>Telephone number<\/strong>&nbsp;package in drupal, you need to enable it in your Drupal Administration.<br>Activate MoceanSMS Login:&nbsp;<strong>Manage -&gt; Extend -&gt; Search for Mocean<\/strong><br>Activate Telephone Number:&nbsp;<strong>Manage -&gt; Extend -&gt; Search for Telephone<\/strong><\/p>\n\n\n\n<p>Tick the box and click on&nbsp;<strong>Install<\/strong>. Make sure to install both&nbsp;<strong>MoceanSMS Broadcast<\/strong>&nbsp;and&nbsp;<strong>Telephone Number<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"687\" height=\"546\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-9.png\" alt=\"\" class=\"wp-image-561\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-9.png 687w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-9-300x238.png 300w\" sizes=\"(max-width: 687px) 100vw, 687px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-2-connect-mocean-api-account\">Step 2: Connect MoceanAPI account<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-telephone-number-field\">Configure Telephone Number Field<\/h3>\n\n\n\n<p>After you&#8217;ve installed &amp; Enabled MoceanAPI SMS Broadcast, you need to specify the telephone field to use for sending SMS to.<\/p>\n\n\n\n<p>Navigate to <strong>Manage -&gt; Configuration -&gt; People -&gt; Account Settings -&gt; Manage Fields<\/strong><\/p>\n\n\n\n<p>Click on <strong>Add Fields<\/strong>, select <strong>Telephone Number<\/strong> and copy the <strong>Machine Name<\/strong> and save it.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"600\" height=\"382\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-2.png\" alt=\"Add required telephone field in Drupal\" class=\"wp-image-548\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-2.png 600w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-2-300x191.png 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-2-fa-opt-in-permission\">Configure 2FA opt-in permission<\/h3>\n\n\n\n<p>Navigate to <strong>Manage -&gt; People -&gt; Permissions -&gt; MoceanSMS Login<\/strong><\/p>\n\n\n\n<p>Check the box <strong>Enable and Disable MoceanSMS Login <\/strong>for <strong>Authenticated User<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"178\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-10-1024x178.png\" alt=\"\" class=\"wp-image-564\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-10-1024x178.png 1024w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-10-300x52.png 300w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-10-768x133.png 768w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-10-1536x266.png 1536w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-10-2048x355.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-mocean-api-credentials\">Configure MoceanAPI Credentials <\/h3>\n\n\n\n<p>Navigate to <strong>Manage -&gt; Configuration -&gt; MoceanSMS Setting<\/strong><\/p>\n\n\n\n<p>Get your MoceanAPI Credentials from <a href=\"https:\/\/dashboard.moceanapi.com\/company\/apisetting\" target=\"_blank\" rel=\"noreferrer noopener\">Mocean Dashboard<\/a>. Create an account <a href=\"https:\/\/dashboard.moceanapi.com\/register?fr=drupal\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a> in less than 3 minutes if you don&#8217;t already have an account<\/p>\n\n\n\n<p>Enter your credentials as well as the telephone field you get from previous step<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"646\" height=\"757\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-12.png\" alt=\"\" class=\"wp-image-566\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-12.png 646w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-12-256x300.png 256w\" sizes=\"(max-width: 646px) 100vw, 646px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-3-initiate-two-factor-authentication\">Step 3: Initiate Two Factor Authentication<\/h2>\n\n\n\n<p>Create a user and login as the user.<\/p>\n\n\n\n<p>You&#8217;ll see that your user have the option to opt-in or opt-out of 2FA login.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"779\" height=\"438\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-11.png\" alt=\"\" class=\"wp-image-565\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-11.png 779w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-11-300x169.png 300w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-11-768x432.png 768w\" sizes=\"(max-width: 779px) 100vw, 779px\" \/><\/figure>\n\n\n\n<p>After they&#8217;ve opted-in, we will send them a 2FA code<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"697\" height=\"390\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-13.png\" alt=\"\" class=\"wp-image-567\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-13.png 697w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-13-300x168.png 300w\" sizes=\"(max-width: 697px) 100vw, 697px\" \/><\/figure>\n\n\n\n<p>And we will also send 2FA prompts to them whenever they logged in<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"760\" height=\"432\" src=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-14.png\" alt=\"\" class=\"wp-image-568\" srcset=\"https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-14.png 760w, https:\/\/moceanapi.com\/blog\/wp-content\/uploads\/2023\/06\/image-14-300x171.png 300w\" sizes=\"(max-width: 760px) 100vw, 760px\" \/><\/figure>\n\n\n\n<p>Ta-daaaa, that&#8217;s how easily you can integrate MoceanAPI 2FA Login to secure your user&#8217;s accounts in your Drupal Site.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction In today&#8217;s digital landscape, website security has become a paramount concern for organizations and individuals alike. With the rise of cyber threats and hacking attempts, safeguarding sensitive information and ensuring user privacy are crucial aspects of maintaining a secure online presence. When it comes to content management systems (CMS), Drupal stands as a popular&#8230;<\/p>\n","protected":false},"author":1,"featured_media":572,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[23,19],"tags":[],"class_list":["post-559","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-drupal","category-content-management-system-cms"],"_links":{"self":[{"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/posts\/559"}],"collection":[{"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/comments?post=559"}],"version-history":[{"count":6,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/posts\/559\/revisions"}],"predecessor-version":[{"id":637,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/posts\/559\/revisions\/637"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/media\/572"}],"wp:attachment":[{"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/media?parent=559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/categories?post=559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/moceanapi.com\/blog\/wp-json\/wp\/v2\/tags?post=559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}