Best Roundcube 2FA plugin
Two-factor authentication is essential when protecting access to email. Using the Protectimus Roundcube OTP plugin, you can set up two-factor authentication in the Roundcube webmail client in just 15 minutes.
2FA from professionals
Adding 2FA to Roundcube in 15 minutes
OTP delivery methods
Pricing
Lifetime License and Enterprise Pricing Plan
Lifetime license
for enterprise clients
Lifetime license for any number of users
Customized MFA platform tailored to your needs
Custom integrations
Dedicated engineers and direct support
Tokens We Use
Hardware OTP Tokens
1
50
500
1000
5000
Protectimus Two
The Protectimus TWO hardware OTP tokens are made in the form of key fobs. They are high-strength, water-resistant, and there are versions with different OTP lifetimes – 30 or 60 seconds.
Protectimus Flex
The reprogrammable and stylish hardware TOTP token
Protectimus Shark
This hardware token offers exceptional security features by supporting TOTP (RFCÂ 6238) and SHA-256 algorithm
Protectimus Slim
Reprogrammable NFC token, that fits any two-factor authentication system
Hardware OTP Tokens
Protectimus Two
The Protectimus TWO hardware OTP tokens are made in the form of key fobs. They are high-strength, water-resistant, and there are versions with different OTP lifetimes – 30 or 60 seconds.
| 1 | 50 | 500 | 1000 | 5000 |
|---|---|---|---|---|
| $11.99 | $11.49 | $10.99 | $9.99 | $8.99 |
Protectimus Flex
The reprogrammable and stylish hardware TOTP token
| 1 | 50 | 500 | 1000 | 5000 |
|---|---|---|---|---|
| $19.99 | $18.99 | $16.99 | $15.99 | $13.99 |
Protectimus Shark
This hardware token offers exceptional security features by supporting TOTP (RFCÂ 6238) and SHA-256 algorithm
| 1 | 50 | 500 | 1000 | 5000 |
|---|---|---|---|---|
| $14.99 | $14.49 | $13.99 | $12.99 | $11.99 |
Protectimus Slim
Reprogrammable NFC token, that fits any two-factor authentication system
| 1 | 50 | 500 | 1000 | 5000 |
|---|---|---|---|---|
| $11.99 | $11.49 | $10.99 | $9.99 | $8.99 |
Software MFA Methods
Protectimus Smart
Free 2FA app for iOS and Android with encrypted cloud backup, PIN, and biometric protection
Protectimus Bot
OTP delivery via messenger — easy, secure, convenient. The service is available on Telegram, Viber and Facebook Messenger
Protectimus Push
Free one-time password delivery through push notifications in the Protectimus Smart 2FA app - simply press a button to confirm your login
Software MFA Methods
Protectimus Smart
Free 2FA app for iOS and Android with encrypted cloud backup, PIN, and biometric protection
Protectimus Bot
OTP delivery via messenger — easy, secure, convenient. The service is available on Telegram, Viber and Facebook Messenger
Protectimus Push
Free one-time password delivery through push notifications in the Protectimus Smart 2FA app - simply press a button to confirm your login
Ready to get started?
Knowledge Base
What does ОТРmean?
Can a one-time password be hacked?
A one-time password is generated with a secret key that is ‘built into’ your token and that is known only to our service. No other device can generate the correct one-time password without the knowledge of secret and securely protected information. We use password generation algorithms that virtually eliminate the possibility of a password getting hacked.
Since a token is not connected to a server in any way, it is impossible to intercept a password while it is being transferred.
A potential intruder may try to simply come up with the correct password by trying various combinations of characters, but the system is well protected against this type of attack – after a certain number of attempts, an account is locked for 5 minutes, which renders such an attack ineffective.
Is the two-factor authentication mechanism reliable?
I’ve read that biometric authentication is the most reliable type of authentication; is that correct?
The problem with biometric authentication is that a parameter verified can be copied, but it can’t be modified. It is easy to obtain a person’s fingerprint and make a copy of it, but a person’s fingerprint cannot be changed or modified, unlike a token that can be re-issued. Besides, how would you even know that your biometric data was copied?
Of course, many attempts have been made to improve the mechanism, and it is not as easy to trick the modern scanners – they are smart enough to distinguish between a real person and a mechanical copy. But it makes little sense to try to outsmart a scanner, because in the end the scan result is transformed into a set of digital characters. And, as already mentioned above, biometric parameters do not change, which means that once such data is lost, your authenticators (your fingerprints, your eye retina, etc.) are compromised forever.
Besides, biometric authentication always involves assessment that’s probabilistic in nature; it is aimed at assessing a tested sample’s equivalence to the reference standard. Therefore, depending on the settings, there is either a chance that access to the system will be given to a person with similar characteristics or a chance that a valid user will not be given access to the system.
Moreover, when one considers all the various ways in which potential intruders can gain access to one’s biometric data, one begins to doubt whether it is reasonable to use biometric data at all.
ОТРs eliminate the possibility of all the situations described above.In our opinion, biometrics can serve as an effective identification tool, but the task of authentication is best left to ОТРs.
