This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

Secure Any CMS With Ease with Our Malware Protection Add-On! LEARN MORE→

How to Setup Magento Two Factor Authentication on Ecommerce Store

Updated on December 24, 2021

4 Min Read
magento 2 two factor authentication

The Magento admin is the area which provides access to all including your store data, orders, customers data, and more. Even if you have a strong or secure password, it is easier for someone to steal your credentials when you access your Magento account. But how do you increase the security of your Magento ecommerce store admin panel? Magento Two Factor Authentication (2FA) extension is one way to add another security layer to your Magento store.

The Magento Two Factor Authentication (2FA) gives you an opportunity to protect the Magento store from hackers, keyloggers, unauthorized logins, data sniffing tools, and other threats. Using the password and a security code from your smartphone, you can easily enhance your Magento admin security. Also, keep it in mind that you only share the code with authorized users to access the Magento admin panel.

Let’s start with setting up the Magento 2FA. I am assuming that you have an active installation of Magento 2 store and you also have access to the server via SSH. Because, at this time, you can install the Magento 2FA module through the command line.

Scalable, Super Fast, & Secure Magento Hosting

Our Clients Love us because we never compromise on these features

How to Install Magento Two Factor Authentication Module

Connect your server through the SSH Terminal and navigate to the root directory of your Magento 2 store. Now, run the following composer command to install Magento Two Factor Authentication:

composer require msp/twofactorauth:3.0.0

How to Enable Magento Two Factor Authentication Module

Once you have installed the Magento Two Factor Authentication module, you will need to run the following commands to enable it:

php bin/magento module:enable –all

php bin/magento setup:upgrade

Once done, purge the Magento 2 cache by running the following commands just to be on the safe side:

php bin/magento cache:clean

php bin/magento cache:flush

You have successfully installed and enabled the Magento 2FA module. Let’s configure it now.

Configuring Magento Two Factor Authentication

There are four types of authenticators that you can configure for your Magento 2 store:

  • Google Authenticator
  • U2F Devices (Yukikey and others)
  • Duo Security
  • Authy

It is compulsory to choose at least one authenticator per user account, or you can force an authenticator globally for all accounts as well.

However, I would recommend you to install only one authenticator for the Magento 2 admin panel because if you select multiple authenticators, you will have to use input tokens for each one separately.

Configure Google Authenticator with Magento 2FA Plugin

I am going to configure Google Authenticator. However, you can use any of the authenticators mentioned above that fit your requirements.

Now, login to your Magento 2 admin panel and tap STORESConfiguration from the sidebar.

Magento 2 Stores Configuration

On the left panel, expand Security and tap 2FA.

Magento 2 Security 2FA

Expand the General section from the right side and select Yes to enable Magento Two Factor Auth and choose Google Authenticator in Force providers option.

Magento 2FA General Settings

Now, expand the Google Authenticator section and select Yes to enable it. In Enable “trust this device” option, you will have two choices.

  • If you want the user not to enter the authentication code for every login per device, select Yes.
  • If you want to force the user to enter the authentication code on every login and device, select No.

Magento 2FA Google Authenticator

Finally, the configuration of Google Authenticator for Magento 2FA is completed. Tap Save Config button to save all the changes you made.

Testing Magento Two Factor Authentication

Now, install the Google Authenticator app on your mobile device or a smartphone. You can download the Google Authenticator from Google Play Store or iOS App Store.

Try logging out and then back into the Magento 2 admin panel with your username and password. With the login attempt, Magento Two Factor Authentication module will prompt a QR code.

Magento 2 FA QR Code

Scan the QR code using the Google Authenticator app on your mobile device and enter the code to confirm access to your Magento 2 admin panel.

Final Thoughts

Magento Two Factor Authentication is highly secure & straightforward. Rather than relying on a password alone, which anyone can crack or guess or phish easily, you can secure your store with the Magento 2FA. It adds another security layer to your Magento 2 admin panel and protects your store’s admin panel from unauthorized access.

If you still find it difficult to install or configure the Magento Two Factor Authentication module on your ecommerce store, feel free to drop your query in the comment box, and I will get back to you as soon as possible.

Share your opinion in the comment section. COMMENT NOW

Share This Article

Abdur Rahman

Abdur Rahman is the Magento whizz at Cloudways. He is growth ambitious, and aims to learn & share information about Ecommerce & Magento Development through practice and experimentation. He loves to travel and explore new ideas whenever he finds time. Get in touch with him at [email protected]

×

Get Our Newsletter
Be the first to get the latest updates and tutorials.

Thankyou for Subscribing Us!

×

Webinar: How to Get 100% Scores on Core Web Vitals

Join Joe Williams & Aleksandar Savkovic on 29th of March, 2021.

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Do you like what you read?

Get the Latest Updates

Share Your Feedback

Please insert Content

Thank you for your feedback!

Want to Experience the Cloudways Platform in Its Full Glory?

Take a FREE guided tour of Cloudways and see for yourself how easily you can manage your server & apps on the leading cloud-hosting platform.

Start my tour

CYBER WEEK SAVINGS

  • 0

    Days

  • 0

    Hours

  • 0

    Mints

  • 0

    Sec

GET OFFER

For 4 Months &
40 Free Migrations

For 4 Months &
40 Free Migrations

Upgrade Now