Changes for page XWiki Two-Factor Authentication

Last modified by Agnease on 2026/06/24 16:39

Manage
- Copy
Actions
- Export
- Print Preview
Viewers
- Source
- Siblings
- Content
- Comments
- Attachments (13)
- History
- Information
- Likes

From 23.9 to 23.10 From 23.12 to 23.13

From version 23.10

edited by Agnease
on 2026/06/24 15:56

Change comment: There is no comment for this version

To version 23.12

edited by Agnease
on 2026/06/24 15:58

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (2 modified, 0 added, 0 removed)

Details

Page properties

Title

@@ -1,1 +1,1 @@
--XWiki Two-Factor Authentication
++XWiki Multi‑Factor Authentication

Content

@@ -3,11 +3,11 @@
  #set ($discard = $xwiki.ssx.use('products.WebHome'))
  #set ($mainCapabilityItems = [{
--  'title': 'Second verification step',
++  'title': 'MFA login protection',
    'icon': 'key',
--  'content': 'Add an additional verification screen after the normal XWiki username and password login.'
++  'content': 'Add an additional verification step after the normal XWiki username and password login.'
  },{
--  'title': 'Authenticator app codes',
++  'title': 'Authenticator app verification',
    'icon': 'mobile',
    'content': 'Let users verify access with time-based TOTP codes generated by authenticator applications.'
  },{
@@ -95,14 +95,14 @@
    <div class="container hero-inner">
      <div class="hero-kicker">
        <i class="fa fa-lock" aria-hidden="true"></i>
--      XWiki 2FA and MFA
++      XWiki MFA and 2FA
      </div>
--    <h1 id="product-title">XWiki Two-Factor Authentication (2FA/MFA)</h1>
++    <h1 id="product-title">XWiki MFA and Two-Factor Authentication</h1>
      <p class="lead">
--      Protect XWiki logins with a second verification step using authenticator app codes,
--      recovery codes and trusted devices.
++      Add multi-factor authentication to XWiki with authenticator app verification,
++      recovery codes, trusted devices, user self-service and administrator monitoring.
      </p>
      <div class="hero-actions">
@@ -116,7 +116,7 @@
    <div class="container">
      <div class="product-layout">
        <article class="product-summary-card">
--        <h2 id="overview-title">Two-factor authentication built into XWiki</h2>
++        <h2 id="overview-title">MFA support built into the XWiki login flow</h2>
          <p>
            XWiki Two-Factor Authentication adds MFA support to the standard XWiki login flow.
@@ -125,9 +125,9 @@
          </p>
          <p>
--          The extension is designed for organizations that want stronger access protection for
--          internal knowledge bases, intranets, documentation platforms, customer portals and other
--          XWiki-based applications.
++          Beyond the login verification step, the extension also supports recovery codes, trusted devices,
++          user self-service management, administrator reset actions and an administration overview for
++          monitoring MFA adoption.
          </p>
        </article>
@@ -149,7 +149,7 @@
  <section aria-labelledby="capabilities-title">
    <div class="container">
--    <h2 id="capabilities-title">Main capabilities</h2>
++    <h2 id="capabilities-title">Main MFA capabilities</h2>
      <p class="section-intro">
        A focused set of MFA features for stronger XWiki account protection without replacing the familiar login experience.
@@ -176,11 +176,11 @@
    <div class="container">
      <div class="product-layout">
        <article class="product-summary-card">
--        <h2 id="security-title">Useful for XWiki security and access protection</h2>
++        <h2 id="security-title">MFA for XWiki security and access protection</h2>
          <p>
            Many organizations use XWiki to store internal documentation, procedures, operational
--          knowledge and business-critical information. Adding a second authentication factor helps
++          knowledge and business-critical information. Adding an additional authentication factor helps
            reduce the risk of account compromise when a password is exposed or reused.
          </p>
@@ -285,7 +285,7 @@
  <section aria-labelledby="self-service-title">
    <div class="container">
--    <h2 id="self-service-title">Recovery codes and trusted devices</h2>
++    <h2 id="self-service-title">MFA recovery codes and trusted devices</h2>
      <p class="section-intro">
        Recovery codes and trusted devices help balance stronger access protection with a smoother user experience.
@@ -361,11 +361,48 @@
    </div>
  </section>
--<section aria-labelledby="rollout-title">
++<section aria-labelledby="mfa-faq-title">
    <div class="container">
++    <h2 id="mfa-faq-title">MFA questions</h2>
++
++    <div class="resource-content">
++      <details class="resource-faq-item">
++        <summary>Is this an MFA or 2FA extension?</summary>
++        <p>
++          It is best described as an MFA extension for XWiki. The most visible login flow is two-factor authentication,
++          but the extension also includes MFA policy, recovery codes, trusted devices, user self-service and administrator monitoring.
++        </p>
++      </details>
++
++      <details class="resource-faq-item">
++        <summary>Does it replace the standard XWiki login?</summary>
++        <p>
++          No. It adds an additional verification step after the normal XWiki username and password login.
++        </p>
++      </details>
++
++      <details class="resource-faq-item">
++        <summary>Which verification method is used?</summary>
++        <p>
++          Users verify access with time-based codes generated by an authenticator application.
++        </p>
++      </details>
++
++      <details class="resource-faq-item">
++        <summary>What happens if a user loses access to the authenticator app?</summary>
++        <p>
++          Recovery codes can provide backup access when enabled. Administrators can also reset the user MFA setup.
++        </p>
++      </details>
++    </div>
++  </div>
++</section>
++
++<section class="product-section-muted" aria-labelledby="rollout-title">
++  <div class="container">
      <div class="product-layout">
        <article class="product-summary-card">
--        <h2 id="rollout-title">Rollout recommendations</h2>
++        <h2 id="rollout-title">MFA rollout recommendations</h2>
          <p>
            For a smooth rollout, start with a small administrator or pilot group before requiring MFA for everyone.
@@ -406,7 +406,7 @@
  <section class="cta-section" aria-labelledby="cta-title">
    <div class="container">
      <div class="cta-panel">
--      <h2 id="cta-title">Interested in using this extension?</h2>
++      <h2 id="cta-title">Interested in XWiki MFA?</h2>
        <p>
          Send a short message with your XWiki version, current authentication setup and MFA rollout goal.