Thursday , November 21 2024
Home > Magento Tips & News > Magento 2 Tutorials > Store Settings > How To Setup Two Factor Authentication In Magento 2

How To Setup Two Factor Authentication In Magento 2

Magento 2 2 factor authentication

To a Magento 2 store, the security issue is one of the most important things. Every time an admin signs in to the dashboard, the store needs a more secure method rather than just using a password – an obsolete way of protection. So to enhance system security in general, people have invented various ways of multiple layers of security that partly reduce the burden of unauthorized access. One of them is 2-factor authentication which is also applied in the Magento security system. In recent years, Magento store owners prefer Google Authenticator because of its popularity and convenience. 

This blog will guide you through how to set up and use Magento 2 two-factor authentication for the Magento admin first-time sign in. So there we go!

I. What is Two-Factor Authentication?

When it comes to the definition of two-factor authentication, I think no one can put it better than Wikipedia:

Two-factor authentication (also known as 2FA) is a type, or subset, of multi-factor authentication. It is a method of confirming users’ claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are. A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly-generated and constantly refreshing code which the user can use.

Two-step verification or two-step authentication is a method of confirming a user’s claimed identity by using something they know (password) and a second factor other than something they have or something they are.”

Particularly speaking, in this situation the 2FA to verify login attempts are a password and the scanning of a QR code using third party devices. Below are the steps to configure 2FA in Magento admin.

Related posts:
How to Disable 2FA in Magento 2.4 Using Command Lines
How to Update Magento Admin Account Information
10 Proven Tips for Securing Your Website From Hackers

II. How to Set up Magento 2 Two-Factor Authentication

Step 1: Set up Magento 2 Two-Factor Authentication

In the Admin dashboard, navigate to Stores > Settings > Configuration

navigate to Stores >> Settings >> Configuration

Span Security then select 2FA

Span Security then select 2FA

Span the General section and choose Magento Google Authenticator in the Provider to use field. If you use the default setting (by clicking Use system value), Magento will take Google Authenticator as your default provider.

  • Note: You can choose any 2FA providers you want but in this tutorial, we just focus on the Google two-factor authentication. 

Next, below the General section, span Google section. Here is the place where you can determine how long the one-time-passwords are valid for. The default value is 60, which means the OTP value will be changed every 60 seconds. 

span Google section - Magento 2 two-factor authentication tutorial

Now click Save Config and move on to the next steps.

Optimize Your Magento Store With Powerful Extensions

Looking for fast, efficient and well-coded extensions to build or optimize your Magento stores for sales boosting? Then visit Magezon website and grab necessary add-ons for yours today!

Step 2: Use Google Authenticator

Sign in to the Magento admin, you will see a new authenticator screen with a QR code like the image below.

Magento 2 two-factor authentication interface
Magento Google Authenticator

There are 3 ways for you to verify your account.

Method 1: Scan QR code using your smartphone

  • First, install the Google Authenticator app on your mobile. 
  • Open the Google Authenticator app, tap the + button in the lower right corner of your phone screen. Then choose the Scan QR code option.
  • Centre the camera that contains a red box on the QR code from the authenticator screen.
  • After the recognition process, Google Authenticator app will show you a 6-digit code. Enter the code in the field Authenticator code.
  • Hit the Confirm button.

Method 2:  Scan QR code using your web browser

  •  Install the Google Authenticator extension on your browser. 
  • Click the Authenticator icon in the toolbar and capture the page.
Scan QR code using Google Auth extension
Magento Google Authenticator

Method 3: Enter QR code manually

Like the first way, after opening the Google Authenticator app, hit the + button. Instead of choosing Scan QR code, select Manual Entry. Then enter the email address associated with your Magento admin account, and paste the QR code string into the Key field. 

That’s it. From now on you are not required to repeat that complicated process. For each time signing in, you just open the Google Auth app/extension and pick up a random 6-digit code as the second factor of 2FA. Like the image below:

Magento 2FA security screen
Magento Google Authenticator

Wrap it up

To avoid unauthorized access, multi-layered security is such an important part of the admin sign-in process. Hoping that after reading this tutorial, you have a deeper understanding of using Magento 2 two-factor authentication, and hence, you can upgrade your store security.

Along with these useful Magento 2 tutorial blogs, we also provide you with world-class Magento 2 extensions and plugins that help empower your web store. So check it out!

Optimize Your Magento Store With Powerful Extensions

Looking for fast, efficient and well-coded extensions to build or optimize your Magento stores for sales boosting? Then visit Magezon website and grab necessary add-ons for yours today!

About Laura Cao

Laura Cao
Laura graduated from Foreign Trade University with a bachelor’s degree in Business English and is currently serving as a content marketer at Magezon. She indulges in reading and writing everything about Magento. In her spare time, gardening and hanging out with friends are her area of interest.

Check Also

how-to-change-magento-2-default-store-view-01

How to Change Magento 2 Default Store View

In this blog, we’ll guide you through how to change Magento 2 default store view …

Leave a Reply