Loading...

XML

Word

Printable

Type: Improvement
Resolution: Fixed
Priority: Minor
Fix Version/s: 4.4
Affects Version/s: Future Dev
Component/s: Authentication
Labels:

Fixed Branches:
MOODLE_404_STABLE
Epic Link:
Add MFA to Moodle LMS - 4.4
Pull from Repository:
https://github.com/davewoloszyn/moodle.git
Pull Main Branch:
~~MDL-79920~~-main
Pull Main Diff URL:
https://github.com/davewoloszyn/moodle/compare/4da813d35e...MDL-79920-main
Documentation link:
https://docs.moodle.org/404/en/Multi-factor_authentication#User_setup
Testing Instructions:
Hide

Setup

Before proceeding, ensure you can receive emails sent via Moodle as you may be required to verify yourself when logging in when MFA is enabled. You can do it by setting up Mailpit

Log into Moodle as admin.

Go to Site admin -> Plugins -> Admin tools -> Multi factor authentication

Enable 'MFA plugin enabled'

In the factor table, enable the following factors:

Email

Authenticator app

Security key

Press 'Save changes'

Test authenticator app

Go to your user preferences page

Click on 'Multi-factor authentication preferences'

CONFIRM that the Authenticator app card has a 'Set up' button

Click on the 'Set up' button

Set up the factor using the instructions.

After successful setup, CONFIRM that the button on the Authenticator app card now reads 'Manage'

Click on the 'Manage' button

CONFIRM you see a table with your factor listed and two buttons, 'Replace' and 'Remove'

Click on 'Replace'

CONFIRM you see a modal window popup with a message about replacement.

Click the 'Yes, replace' button.

CONFIRM you see a heading saying 'Replace authenticator app'.

Set up the factor again using a different device name.

After successful replacement, click on the 'Manage' button again for Authenticator app.

CONFIRM that your new factor is listed and that your old one has been removed.

Click on the 'Remove' button

CONFIRM you see a modal window popup with a message about removing the factor.

Click on the 'Yes, remove' button.

CONFIRM you now see a 'Set up' button again for Authenticator app.

Test security key

Go to your user preferences page

Click on 'Multi-factor authentication preferences'

CONFIRM that the Security key card has a 'Set up' button

Click on the 'Set up' button

CONFIRM that the 'Save changes' button is disabled.

Enter in a security key name.

Click the 'Register security key' button and perform the necessary steps.

CONFIRM that the 'Save changes' button is now enabled.

After successful setup, CONFIRM that the button on the Security key card now reads 'Manage'

Click on the 'Manage' button

CONFIRM you see a table with your factor listed and two buttons, 'Replace' and 'Remove'

Click on 'Replace'

CONFIRM you see a modal window popup with a message about replacement.

Click the 'Yes, replace' button.

CONFIRM you see a heading saying 'Replace security key'.

Set up the factor again using a different security key name.

After successful replacement, click on the 'Manage' button again for Security key.

CONFIRM that your new factor is listed and that your old one has been removed.

Click on the 'Remove' button

CONFIRM you see a modal window popup with a message about removing the factor.

Click on the 'Yes, remove' button.

CONFIRM you now see a 'Set up' button again for Security key.
Show
Setup Before proceeding, ensure you can receive emails sent via Moodle as you may be required to verify yourself when logging in when MFA is enabled. You can do it by setting up Mailpit Log into Moodle as admin. Go to Site admin -> Plugins -> Admin tools -> Multi factor authentication Enable 'MFA plugin enabled' In the factor table, enable the following factors: Email Authenticator app Security key Press 'Save changes' Test authenticator app Go to your user preferences page Click on 'Multi-factor authentication preferences' CONFIRM that the Authenticator app card has a 'Set up' button Click on the 'Set up' button Set up the factor using the instructions. After successful setup, CONFIRM that the button on the Authenticator app card now reads 'Manage' Click on the 'Manage' button CONFIRM you see a table with your factor listed and two buttons, 'Replace' and 'Remove' Click on 'Replace' CONFIRM you see a modal window popup with a message about replacement. Click the 'Yes, replace' button. CONFIRM you see a heading saying 'Replace authenticator app'. Set up the factor again using a different device name. After successful replacement, click on the 'Manage' button again for Authenticator app. CONFIRM that your new factor is listed and that your old one has been removed. Click on the 'Remove' button CONFIRM you see a modal window popup with a message about removing the factor. Click on the 'Yes, remove' button. CONFIRM you now see a 'Set up' button again for Authenticator app. Test security key Go to your user preferences page Click on 'Multi-factor authentication preferences' CONFIRM that the Security key card has a 'Set up' button Click on the 'Set up' button CONFIRM that the 'Save changes' button is disabled. Enter in a security key name. Click the 'Register security key' button and perform the necessary steps. CONFIRM that the 'Save changes' button is now enabled. After successful setup, CONFIRM that the button on the Security key card now reads 'Manage' Click on the 'Manage' button CONFIRM you see a table with your factor listed and two buttons, 'Replace' and 'Remove' Click on 'Replace' CONFIRM you see a modal window popup with a message about replacement. Click the 'Yes, replace' button. CONFIRM you see a heading saying 'Replace security key'. Set up the factor again using a different security key name. After successful replacement, click on the 'Manage' button again for Security key. CONFIRM that your new factor is listed and that your old one has been removed. Click on the 'Remove' button CONFIRM you see a modal window popup with a message about removing the factor. Click on the 'Yes, remove' button. CONFIRM you now see a 'Set up' button again for Security key.

Story Points:
10
Sprint:
Team Hedgehog 2024 Sprint 1.1, Team Hedgehog 2024 Sprint 1.2, Team Hedgehog 2024 Sprint 1.3, Team Hedgehog 2024 Sprint 1.4

Improve the workflow for users when they set up new authentication factors and manage existing ones. There is work to be done for both the UI presentation and the steps required to manage and setup factors.

The UX prototype for improvements to the workflow have been completed and are linked in the requirements below.

Requirements in scope for this issue:

Update the user factor setup to use the cards and flow as per the Figma prototype (last updated 1 Feb).
Create the new manage page to display the factor setup.
Update the "revoke" functionality wording to "remove", and update so that this feature is only available if at least one other factor is still enabled and configured by the user (so that you can't remove the last configured factor which would potentially lock you out). Note: Taking into account the weight of factors (ie whether they are worth less than 100) is out of scope for this issue (so this requirement will simply be that you cannot remove a factor if it is the only one enabled and configured by the user).
Add the "replace" feature, which allows a user to reconfigure a factor and replace the previous config (eg you could add a new hardware token, resulting in the previously configured one being removed). This requirement includes implementation of the confirmation modal from the prototype.
Update the setup forms for relevant factors to match the prototype.
Deprecate any strings that are no longer used (eg this could be relevant for all of the different calls to actions like "app setup" from the old setup buttons, which are replaced by the common language "setup" on the new cards UI).

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

(1) 10 Passed -- (Main)MDL-79920.png
38 kB
05/Apr/24 2:46 PM
(1) 12 Passed -- (Main)MDL-79920.png
52 kB
05/Apr/24 2:46 PM
(1) 15 Passed -- (Main)MDL-79920.png
42 kB
05/Apr/24 2:46 PM
(1) 17 Passed -- (Main)MDL-79920.png
39 kB
05/Apr/24 2:46 PM
(1) 19 Passed -- (Main)MDL-79920.png
77 kB
05/Apr/24 2:46 PM
(1) 3 Passed -- (Main)MDL-79920.png
61 kB
05/Apr/24 2:46 PM
(1) 6 Passed -- (Main)MDL-79920.png
64 kB
05/Apr/24 2:46 PM
(1) 8 Passed -- (Main)MDL-79920.png
40 kB
05/Apr/24 2:46 PM
(2) 3 Passed -- (Main)MDL-79920.png
50 kB
05/Apr/24 2:46 PM
(2) 5 Passed -- (Main)MDL-79920.png
47 kB
05/Apr/24 2:46 PM
10 passed.png
88 kB
05/Apr/24 3:45 PM
1 passed.png
29 kB
05/Apr/24 3:45 PM
2 passed.png
75 kB
05/Apr/24 3:45 PM
3 passed.png
75 kB
05/Apr/24 3:45 PM
4 passed.png
86 kB
05/Apr/24 3:45 PM
5 passed.png
47 kB
05/Apr/24 3:45 PM
6 passed.png
66 kB
05/Apr/24 3:45 PM
7 passed.png
73 kB
05/Apr/24 3:45 PM
8 passed.png
48 kB
05/Apr/24 3:45 PM
9 passed.png
63 kB
05/Apr/24 3:45 PM
access.png
35 kB
05/Mar/24 7:17 PM
balance.png
46 kB
06/Mar/24 10:13 AM
icons and cards styling.png
101 kB
07/Mar/24 6:23 AM
issue_mfa.png
21 kB
05/Mar/24 12:10 PM

has a non-specific relationship to

MDL-80970 Deprecate revoke_factor_form class

Closed

MDL-80995 Deprecate setup_factor (tool_mfa\output\renderer)

Closed

is child of

IDEA-231 Improve MFA User Factor Setup

Closed

Assignee:: David Woloszyn

Reporter:: Matt Porritt

Peer reviewer:: Safat Shahin

Integrator:: Huong Nguyen

Tester:: Kim Jared Lucas

Participants:: CiBoT, David Woloszyn, Huong Nguyen, Kim Jared Lucas, Matt Porritt, Michael Hawkins, Paul Holden, Robert van_Garderen, Safat Shahin, Stevani Andolo

Votes:: 0 Vote for this issue

Watchers:: 13 Start watching this issue

Created:: 28/Oct/23 11:15 AM

Updated:: 14/Jun/24 1:24 PM

Resolved:: 05/Apr/24 8:49 PM

Estimated:

Remaining:

Logged:

1w 4d 5h 2m

Details

Setup

Test authenticator app

Test security key

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Time Tracking

Clockify