Swissbit and lern.link secure Moodle with FIDO2 authentication
August 2023 by Marc Jacob
Storage and security specialist Swissbit and lern.link GmbH, one of the DACH region’s top integration consultants for the Moodle learning management system, are enhancing security for online learning platforms. The integration of the FIDO2 standard, which allows users to securely log in to the Moodle platform using multi-factor authentication (MFA), is an important initial step in the partnership. The already established Moodle plug-in for "multi-factor authentication" has been extended to integrate FIDO2/WebAuthn on the initiative of both companies and with the help of Swissbit. It is available for download at moodle.org/plugins/. Certified Moodle service providers, such as lern.link, can now provide phishing-resistant authentication via hardware security key or FIDO stick to users such as universities, schools, and businesses. Customers will be able to purchase the secure authentication method directly during implementation in the future through lern.link’s subscription model in a bundle with Swissbit’s iShield Key Pro security key. Full details will be announced by the companies at the MoodleMoot Global conference in September 2023.
Learning platforms have grown in popularity not only since the pandemic. Their ability to make educational content more accessible and the learning process more flexible is now being adopted by a growing number of educational institutions throughout the world. Moodle, a platform-independent open-source learning management system (LMS) with a global presence and active development community, is one of the most popular solutions on the market.
Moodle implementation and rollout are handled by certified partners such as lern.link GmbH, which has a long list of corporate and educational clients. Cybersecurity is critical to lern.link as a full-service provider. Access to online platforms typically starts with a login process. For this reason, the company turned to Swissbit to collaborate on making the established FIDO2 standard available as an additional MFA option for Moodle.
FIDO2 is based on asymmetric cryptosystems and relies on hardware security keys for authentication. lern.link and Swissbit committed to implementing the standard into the existing plug-in for "multi-factor authentication" and financially backed the request for FIDO2 integration as a login choice in Moodle. The functionality was tested and confirmed with Swissbit’s iShield Key Pro during implementation. In the spirit of platform openness, the plug-in is listed in the Moodle Plugins Directory and can be used by all Moodle system integrators and developers.
Moodle with Swissbit’s iShield Key Pro in a bundle
Both lern.link and Swissbit are working on a subscription model now that the technical prerequisites for using FIDO2 on Moodle have been created. In future, customers of lern.link will be able to order the required hardware security key, the Swissbit iShield Key Pro, when ordering a Moodle implementation. Details will be made available in the lead-up to MoodleMoot Global. The annual Moodle Community conference will take place in Barcelona from September 18 to 21, 2023.