user

Menu Token

module_name
menu_token
Description

Add tokens, such as a user ID, to text or URL paths of menu items. 

Be wary of this issue: Current-user:uid not correct

Categories
Tested by me
Yes
Drupal 8 support
Yes
Essential
No
Avoid
No

Required by role

module_name
required_by_role
Description

Set required fields more precisely.

Categories
Tested by me
Yes
Drupal 8 support
Yes
Essential
Yes
Avoid
No

Two Factor Authentication

module_name
tfa
Description

install tfa and ga_login (TFA is just a framework, it doesn't come with it's own login plugins.)

Use this patch I wrote - it adds display of validation skip times and an admin reset button for users who are got locked out.

My installation instructions:

Next you need to generate an encryption profile.
First you need to generate a key - key type needs to be Encryption (not Authentication).
A 128bit key = 128/8 bytes = 16 characters - so generate a random 16 character string.

Set key provider to File rather than Configuration, this means the key won't end up in your version control.

Tick the 'strip trailing line breaks' box to avoid the "The selected key size does not match the actual size of the key." error

Key path should be relative to Drupal so the config will work on multiple sites
e.g. if you have created a file called /app/tfa.key on a lando container, set the key path to ../tfa.key
I'm actually creating mine in a keys directory.

Remember to save the key somewhere in your password manager, or your ansible variables, in case you lose the files later.
Remember to add /keys to your .gitignore file, so it won't get stored in version control.
Remember to copy it manually onto your production server.

In the TFA settings (/admin/config/people/tfa) you probably want to increase the number of times a user can skip validation.

Note that TFA has a separate 'Tfa user login' block (replacing the ordinary 'User login') 

Categories
Tested by me
Yes
Drupal 8 support
Yes
Essential
Yes
Avoid
No

Flood Control

module_name
flood_control
Description

Protect against brute-force login attacks. Unclear what's happening with porting of this.

Categories
Tested by me
No
Drupal 8 support
No
Essential
No

Masquerade

module_name
masquerade
Description

Allows you to browse the site as another user (to see what they see) and then quickly switch back again.  A general Drupal recommendation is to create test accounts for each of your roles, so this is useful for testing them.  (As per notes, don't use it for anonymous access, just log out.)  Replacement for 'Switch User'.

Patch and known bug:

Categories
Tested by me
Yes
Drupal 8 support
Yes
Essential
Yes
Avoid
No