Skip to Content

OE Auth: Two-Factor Authentication

by
Odoo

32.54

v 13.0 Third Party
Live Preview
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Discuss (mail)
Community Apps Dependencies
Lines of code 3532
Technical Name oe_2fa_auth
LicenseOPL-1
Websitehttps://odooengineering.com
Versions 12.0 13.0 14.0 15.0 16.0 17.0 18.0 19.0
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Discuss (mail)
Community Apps Dependencies
Lines of code 3532
Technical Name oe_2fa_auth
LicenseOPL-1
Websitehttps://odooengineering.com
Versions 12.0 13.0 14.0 15.0 16.0 17.0 18.0 19.0
Keywords: two-factor authentication, MFA, 2FA, TOTP, authenticator app, Google Authenticator, Authy, Microsoft Authenticator, Email OTP, SMS OTP, Twilio, backup codes, recovery codes, trusted device, remember device, login security, Odoo security, user authentication, group-based enforcement, admin dashboard, rate limiting, Odoo 18, Odoo Engineering
Odoo Engineering

OE Auth: Two-Factor Authentication

Protect every Odoo login with TOTP authenticator apps, email and SMS one-time codes, backup recovery codes, and trusted devices - all managed from a powerful admin dashboard.

Try It Out Contact Us

Enhanced Features in This Version

Professional Capabilities for Your Business

Email, SMS, and Authenticator App (TOTP) verification with QR code setup wizard

10 one-time backup recovery codes to prevent permanent lockouts

Trusted devices with configurable duration (30-day default) for frictionless repeat logins

Group-based enforcement and granular policy controls for staged rollouts

Admin dashboard with graph and pivot views for adoption tracking and one-click reset

Brute-force protection with login attempt tracking and temporary lockout

Smart resend cooldowns, configurable TTL, and attempt limits

Masked contact hints and clear error messaging for end users

Twilio-ready SMS gateway with test mode for staging and QA environments

Portal user support with public verification page and countdown timers

Before & After OE Auth: Two-Factor Authentication

Before

  • Odoo users authenticate with only a password, leaving accounts vulnerable to credential theft
  • No built-in mechanism for backup codes when primary 2FA methods are unavailable
  • Administrators lack visibility into who has enrolled and which methods are in use
  • Portal and website logins bypass security policies that apply only to backend users

After

  • Every login surface - backend, portal, and website - challenges users with a second factor
  • Backup recovery codes prevent permanent lockout when phones are lost or reset
  • Admin dashboard tracks enrollment rates, method adoption, and verification status in real time
  • Group-based policies let you phase in 2FA by department without disrupting the entire company

What's Included

Core Features

  • TOTP authenticator app support (Google Authenticator, Authy, Microsoft Authenticator, RFC 6238)
  • Email OTP with configurable TTL, resend cooldowns, and attempt limits
  • SMS OTP via Twilio with test mode for safe development and staging
  • Backup recovery codes - one-time use, regeneratable, with clear user guidance

Additional Components

  • Trusted devices with configurable trust duration per security policy
  • Group-based enforcement to selectively require 2FA for specific user groups
  • Admin dashboard with graph and pivot views for adoption and status tracking
  • Masked contact hints so users can identify their registered email or phone
  • 20+ language coverage and dedicated Odoo Engineering support

Global Language Support (20+)

Available in 20+ languages: es_ES, fr_FR, it_IT, pt_BR, nl_NL, da_DK, de_DE, pl_PL, ar_001, zh_CN, ru_RU, ja_JP, tr_TR, id_ID, th_TH, vi_VN, ko_KR, pt_PT, sv_SE, cs_CZ.

How to Use This Module

Step-by-Step Instructions to Get Started

Installation & Setup

  1. Install the module: Go to Apps -> Search for "oe_2fa_auth" -> Click Install
  2. Configure permissions: Navigate to Settings -> Users & Companies -> Grant access to administrators who will manage 2FA policies
  3. Initial configuration: Open Settings -> General Settings -> Two-Factor Authentication and set TTL, resend limits, trusted device duration, and Twilio credentials

Basic Usage

  1. Enroll users: Open each user record, enable Two-Factor Authentication, and choose Authenticator App, Email, or SMS as the primary method
  2. Generate backup codes: After enrollment, generate one-time recovery codes and instruct users to store them securely
  3. Monitor adoption: Use the admin dashboard to track enrollment rates, method distribution, and verification status across the organization
  4. Enforce by group: Assign 2FA requirements to specific user groups in General Settings to phase in security without disrupting all users at once

Tips & Best Practices

  • Enable SMS test mode in staging and QA environments to validate flows without sending real messages or incurring Twilio charges
  • Roll out 2FA by department using group-based enforcement - start with IT and finance, then expand to all users
  • Schedule periodic audits to disable 2FA for deactivated accounts and archive old verification logs
  • Combine with oe_access_hub to centralize security policy management across modules

Important Notes

Ensure outbound mail and SMS gateways are operational before launching company-wide MFA. If Twilio credentials rotate, update system parameters immediately to avoid delivery failures. Users must have valid email addresses or phone numbers on their user records for OTP delivery to succeed.

Frequently Asked Questions

Q: Which Odoo versions and authentication methods are supported?

A: ``oe_2fa_auth`` targets Odoo 18 Community and Enterprise editions. Supported methods include TOTP authenticator apps (Google Authenticator, Authy, Microsoft Authenticator), Email OTP via your configured outgoing mail server, and SMS OTP via Twilio with test mode for staging environments.

Q: How do we onboard hundreds of users quickly?

A: Start with settings defaults, enable 2FA for a pilot group (e.g., IT admins), then expand by department using group-based enforcement. Share the enrollment instructions with users and use the admin dashboard to track progress. Backup codes ensure no one is locked out during rollout.

Q: Can we extend the module with additional SMS providers or authentication methods?

A: Yes. Inherit the relevant methods to connect other SMS gateways or add custom authentication channels. The module is designed with extension points for additional providers and verification methods.

Q: What happens if a user loses their phone or cannot access their primary method?

A: Backup recovery codes provide a fallback. Each code is one-time use and users are prompted to regenerate them after use. Administrators can also disable 2FA for a specific user from the user form in emergencies.

Launch Demo Instance

Explore OE Auth: Two-Factor Authentication in a live environment

Try It Now

Proudly American-Owned & Operated

Built for American Businesses First

At Odoo Engineering, we understand the unique needs of American businesses. Our modules are designed with clear, English-first terminology and workflows that align with US business practices, while maintaining universal accessibility for companies worldwide.

Why Choose Odoo Engineering

Professional Excellence Enterprise-grade modules built to the highest standards 90-Day Warranty Full support and bug fixes guaranteed Clear Documentation English-first terminology that everyone understands
US Business Hours Support when American businesses need it most Clean Code Well-documented, easily extensible modules Expert Team Dedicated professionals focused on your success

Quality Odoo modules that are easily extended at reasonable prices – that's the Odoo Engineering promise.

Complete AI Business Intelligence Suite

Powered by our open-sourced oe_ai_job_base framework - Build or Buy AI Extensions

This module is part of our AI Business Intelligence ecosystem. Purchase individual modules or contact us for custom AI solutions built on this proven framework.

Data Cleaner

Auto-fixes addresses, names, phones with smart AI rules

Message Analysis

Sentiment, urgency, and topic extraction for partners

Advanced Search

Natural language queries across your database

QuickBooks Bridge

AI-guided sync with QuickBooks Online

Want something custom? We build AI integrations tailored to your business.

Support & Services

Get Help

Need assistance? Our support team is here to help with installation, configuration, and troubleshooting.

Contact Support

Custom Development

Looking for custom features or integrations? We offer professional Odoo development services.

Request Quote

Ready to Get Started?

Install OE Auth: Two-Factor Authentication today and experience the difference quality makes.

Launch Demo Get in Touch

© 2025 Odoo Engineering. All rights reserved.

Professional Odoo modules built with excellence in the USA.

Odoo Proprietary License v1.0

This software and associated files (the "Software") may only be used (executed,
modified, executed after modifications) if you have purchased a valid license
from the authors, typically via Odoo Apps, or if you have received a written
agreement from the authors of the Software (see the COPYRIGHT file).

You may develop Odoo modules that use the Software as a library (typically
by depending on it, importing it and using its resources), but without copying
any source code or material from the Software. You may distribute those
modules under the license of your choice, provided that this license is
compatible with the terms of the Odoo Proprietary License (For example:
LGPL, MIT, or proprietary licenses similar to this one).

It is forbidden to publish, distribute, sublicense, or sell copies of the Software
or modified copies of the Software.

The above copyright notice and this permission notice must be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author or have a question related to your purchase, please use the support page.