Authentication is the process of allowing a user to log in to a Moodle site with a username and password.

Authentication plugins

Moodle provides a number of ways of managing authentication, called authentication plugins.

Standard authentication plugins are:

• Manual accounts - accounts created manually by an administrator
• No login - suspend particular user account
• Email-based self-registration - for enabling users to create their own accounts
• CAS server (SSO) - account details are located on an external CAS server
• External database - account details are located on an external database
• LDAP server - account details are located on an external LDAP server
• LTI - works with the Publish as LTI tool enrolment method to connect courses and activities
• Moodle Network authentication - how different Moodle sites can connect and authenticate users
• No authentication - for testing purposes or if the Moodle site is not available on the Internet. Do NOT use on public servers!
• Shibboleth - account details are located on an external Shibboleth server
• OAuth 2 - authenticate with an OAuth 2 service
• Web services - for a dedicated account which integrates with your site via web services

There are also many additional authentication plugins in the Moodle plugins directory.

Multi-factor authentication can be enabled and managed from Site administration > Plugins > Admin tools in order to increase site security by requiring additional steps before users can log in.

Password visibility toggle

Specify whether the password field on the login screen can have the visibility of its contents toggled. This is useful in providing a way to check a password value is entered in correctly. Choose between enabling this setting for all logins, or for logins on small screens only (default). This can also be disabled if required.

You can access this feature from Site administration > Plugins > Authentication > Manage authentication.

See also

• Authentication FAQ