How to Enable Two-Factor Authentication by Email Challenge
Email Challenge adds an extra layer of security to user logins. When this setting is enabled, users will be required to complete a verification step by email during sign-in.
Before you begin
Make sure your server is able to send email successfully. If email delivery is not working, users will not receive the verification message.
Enable Email Challenge
- Sign in to your server as a superadmin.
- Open the Default Settings page.
- Add or edit the following setting:
Category: authentication
Subcategory: email_challenge
Type: Boolean
Value: True
Enabled: True
-
Save the setting.
-
Clear the application cache by running the following command from the /var/www/fspbx folder:
php artisan cache:clear
Example
Your setting should look like this:
- Category:
authentication - Subcategory:
email_challenge - Type:
Boolean - Value:
True - Enabled: enabled
What this setting does
When enabled, the system will require users to complete an email verification challenge during login.
This adds an extra security step beyond the password and helps protect user accounts from unauthorized access.
Test the feature
After saving the setting:
- Sign out of the user account.
- Sign back in.
- Confirm that the system sends a verification email and prompts for the challenge during login.
Disable Email Challenge
To turn the feature off, edit the same setting and either:
- change Value to
False, or - switch Enabled off
Then save the change and run:
php artisan cache:clear
from the /var/www/fspbx folder.
Troubleshooting
If users are not receiving the challenge email:
- verify that outbound email is configured correctly on the server
- confirm the user’s email address is correct
- check spam or junk folders
- clear the cache after updating the setting
- allow up to one minute for the setting change to take effect
Notes
Email Challenge is a simple way to add extra login protection using email verification.