Two-Factor Authentication

Protect your OJS accounts with TOTP-based two-step verification

What it does

Two-Factor Authentication adds TOTP-based two-step verification to OJS, protecting user accounts from unauthorized access.

After enabling the plugin, an administrator selects which roles require 2FA (e.g., editors, authors, reviewers). Users with a required role are guided through setup on their next login.

How setup works

  1. Scan a QR code with any authenticator app (Google Authenticator, Authy, Microsoft Authenticator, 1Password)
  2. Confirm setup by entering the 6-digit code from the app
  3. Receive 10 one-time backup codes for emergency access

From that point on, every login requires a code from the app in addition to the password. Users can optionally mark their browser as trusted to skip 2FA for a configurable number of days.
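The three setup steps and the login check, as an added example that is not the plugin's own code. It assumes the RFC 6238 defaults (HMAC-SHA1, 30-second step), one step of clock-drift tolerance, rejection of an already-used time step, and backup codes stored only as hashes; all function names, the issuer and account strings, and the backup-code format are hypothetical.

```python
import base64, hashlib, hmac, secrets, struct
from urllib.parse import quote

# Public RFC 6238 test key ("12345678901234567890" in base32), demo use only.
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1) for Unix time `at`."""
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)

def provisioning_uri(secret_b32, account, issuer):
    """otpauth:// URI that the QR code in step 1 would encode."""
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={secret_b32}"
            f"&issuer={quote(issuer)}&digits=6&period=30")

def verify_totp(secret_b32, code, at, last_step=-1, window=1):
    """Return the matched time step, or None.

    Accepts +/- `window` steps of clock drift. The caller stores the returned
    step and passes it back as `last_step`, so a code cannot be replayed.
    """
    now_step = int(at) // 30
    for step in range(now_step - window, now_step + window + 1):
        expected = totp(secret_b32, step * 30).encode()
        if step > last_step and hmac.compare_digest(expected, code.encode()):
            return step
    return None

def new_backup_codes(n=10):
    """Return (codes shown to the user once, set of SHA-256 hashes to store)."""
    codes = [secrets.token_hex(8) for _ in range(n)]
    return codes, {hashlib.sha256(c.encode()).hexdigest() for c in codes}

def redeem_backup_code(stored_hashes, code):
    """One-time use: a matching hash is removed so the code cannot be reused."""
    digest = hashlib.sha256(code.encode()).hexdigest()
    if digest in stored_hashes:
        stored_hashes.remove(digest)
        return True
    return False
```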

Key features

  • Per-role enforcement — administrator decides which roles require 2FA (Site Admin, Editor, Author, Reviewer, etc.)
  • Trusted browsers — users can mark their browser as trusted to skip 2FA verification for a configurable period (e.g., 30 days). Manage trusted browsers from the profile Security tab.
  • Backup codes — 10 one-time codes with automatic email warnings when used
  • Security tab in profile — users can reconfigure 2FA, regenerate backup codes, and manage trusted browsers
  • Smart reviewer handling — reviewers invited via token link aren’t blocked by the 2FA requirement
  • Admin reset — search any user and reset their 2FA from the plugin settings panel
  • Sitewide — works globally across all journals on the OJS instance
  • Email notifications — system alerts when backup codes are used or regenerated

Requirements

  • OJS 3.4 or 3.5
  • Any TOTP authenticator app on the user’s phone

Features

  • Role-based 2FA enforcement — choose which roles require verification
  • TOTP standard — works with Google Authenticator, Authy, Microsoft Authenticator, 1Password
  • Trusted browsers — users can skip 2FA on recognized devices for a configurable number of days
  • 10 one-time backup codes with automatic warnings
  • Email notifications on backup code usage and regeneration
  • Security tab in user profile for self-service 2FA management and trusted browser control
  • Smart reviewer handling — invitation-link reviewers aren't blocked
  • Admin reset — search any user and reset their 2FA
  • Sitewide — works globally across all journals on the instance
  • Localization: English, Polish

Requirements

  • OJS 3.4+ or 3.5+
  • Any TOTP authenticator app (Google Authenticator, Authy, 1Password, etc.)