Authentication is the process of allowing a user to log in to a Moodle site with a username and password.
Moodle provides a number of ways of managing authentication, called authentication plugins.
Standard authentication plugins are:
- Manual accounts - accounts created manually by an administrator
- No login - suspend particular user account
- Email-based self-registration - for enabling users to create their own accounts
- CAS server (SSO) - account details are located on an external CAS server
- External database - account details are located on an external database
- LDAP server - account details are located on an external LDAP server
- LTI - works with the Publish as LTI tool enrolment method to connect courses and activities
- Moodle Network authentication - how different Moodle sites can connect and authenticate users
- No authentication - for testing purposes or if the Moodle site is not available on the Internet. Do NOT use on public servers!
- Shibboleth - account details are located on an external Shibboleth server
- OAuth 2 - authenticate with an OAuth 2 service
- Web services authentication
Multi-factor authentication can be enabled and managed from Site administration > Plugins > Admin tools in order to increase site security by requiring additional steps before users can log in.