FORLYZEForge demo
LoginAdmin
/MFA, OTP, email verification, and staff controls

MFA, OTP, email verification, and staff controls

Server owners configure email verification, staff-required MFA, TOTP, SMS OTP providers, CAPTCHA, session expiry, and IP allowlist.

RequiredStaff MFA
OnEmail verify
MockSMS mode

TOTP

Enabled

SMTP

Configurable

SMS OTP

Twilio/Netgsm/Verimor

CAPTCHA

Turnstile-ready

Implementation checklist

  • Staff routes require MFA in production
  • Recovery codes and trusted devices planned
  • Login rate limits use Redis prefix
  • Turnstile can be required for register/login/forms
  • Audit logs capture sensitive actions