Enabling Two Factor Authentication in Roundcube
- Best Roundcube 2FA plugin
- Two-factor authentication is essential when protecting access to email. Using the Protectimus Roundcube OTP plugin, you can set up two-factor authentication in the Roundcube webmail client in just 15 minutes.
Adding 2FA to Roundcube in 15 minutesIt takes just 15 minutes to configure two-factor authentication in Roundcube and secure access to Roundcube using one-time passwords. We offer a customer-tested, ready-to-use 2FA plugin, Protectimus Roundcube OTP. If you have any questions, we invite you to contact our support team.
You will find the installation instructions here.
OTP delivery methodsChoose your Roundcube two-factor authentication methods: hardware tokens; the Protectimus Smart one-time password generator app; SMS-based OTP delivery; or chatbots on Telegram, Viber, and Messenger. These are virtually all of the one-time password delivery methods available today. The Protectimus two-factor authentication solution is available as a cloud service or an on-premise solution.
|Image||Token Model||Price, pcs |
$3 when paying service in advance for a year
|Bulletproof OTP token: reliable, waterproof, stylish||Bulletproof TOTP token: reliable, waterproof, stylish|
$3 when paying service in advance for a year
|PROTECTIMUS FLEX||$19.99$18.99$16.99$15.99$13.99||The reprogrammable and stylish hardware TOTP token||The reprogrammable hardware TOTP token|
|PROTECTIMUS SLIM NFC||$29.99$28.99$26.99$24.99$21.99||Reprogrammable NFC token, that fits any two-factor authentication system||Reprogrammable NFC token|
|PROTECTIMUS SMART||free||Available for all key Android and iPhone platforms||Software token for Android and iPhones|
|PROTECTIMUS BOT||free||OTP delivery via messenger — easy, secure, convenient. The service is available on Telegram, Viber and Facebook Messenger.||The service is available on Telegram, Viber and Facebook Messenger|
|PROTECTIMUS SMS||$2 per user/month||Minimum hassle||Minimum hassle|
|PROTECTIMUS MAIL||free||Minimum costs||Minimum costs|
To begin setting up two-factor authentication for the Roundcube client, download the Protectimus 2FA plugin for Roundcube from GitHub and install it. For adding two-factor authentication to Roundcube find plugin setup instructions on the official plugin repository for Roundcube Webmail. After installing the Roundcube 2-factor authentication plugin, register with the Protectimus service, and create a resource, user, and token. Assign the user and token to the resource.
Most services use email for changing passwords and restoring access to accounts. That means that reliable email access protection — and in this case, that means Roundcube authentication security — is fundamental to IT security in general. Even if you use a secure password, that password could be intercepted by a keylogger, brute-forced, or obtained using phishing or social engineering. Two-factor authentication adds an extra level of Roundcube brute force protection — one-time passwords are valid for 30 to 60 seconds. They can’t be guessed or collected, and they’re difficult or impossible to intercept.
Two-factor authentication protects Roundcube from keyloggers and brute-force attacks. It also guards against phishing and social engineering attacks, and data signing functionality protects against man-in-the-middle attacks. Roundcube just can’t be secure without a verified multi-factor authentication plugin for Roundcube. The Roundcube MFA plugin from Protectimus lets you configure multifactor authentication for Roundcube in just a few minutes. Features available in Protectimus’s solution include geographic and time-based filters, self-service, CWYS data signing, user environment analysis, and a broad assortment of 2FA tokens to choose from.
The Protectimus multi-factor authentication plugin for roundcube supports hardware OTP tokens with hard-coded secret keys, the reflashable Protectimus Slim NFC hardware token, the Protectimus Smart 2FA app for iOS and Android, email, and SMS authentication. Roundcube two-factor authentication methods also include delivery of one-time passwords over Telegram, Viber, and Facebook Messenger. Hardware tokens are the most reliable OTP tokens. These tokens cannot be infected by viruses, and intercepting one-time passwords is impossible. Messaging service chatbots are both convenient and secure; however, we don’t recommend SMS-based authentication.
When setting up the Roundcube Webmail client, make sure that all the basic security rules have been taken into account: the connection between Roundcube and the mail server is protected with an SSL certificate, email encryption is set up, and 2-factor authentication plugin for Roundcube Webmail security is built in. With Protectimus Roundcube OTP Plugin adding two-factor authentication to Roundcube will be done in just a few clicks.