The Magento Admin gives full access to your shop, orders and customer data. To increase the security of your Magento store, Magento Two-Factor Authentication (2FA) adds support for two-step authentication with multiple providers. If enabled, users attempting to log in to the Admin must complete a second step to verify their account. All functionality and requirements are limited to administrator user accounts; they do not extend to customer accounts.
To configure 2FA (Two-Factor Authentication), follow the steps below:
Step 1: Log in to the admin panel and go to Store -> Settings -> Configuration.
Step 2: Select Security and click on 2FA.
- Expand the General section and set Enable Two-Factor Authentication to Yes.
- Select the authenticators needed for all users. To allow users to select their authenticator, do not select an option.
Google Authenticator
- Enable this Provider by selecting Yes.
- Enable the “trust this device” option (optional): if you require it, select Yes. NOTE: This option should be used in HTTPS-only environments.
U2F Devices (Yubikey and others)
- Enable this Provider by selecting Yes.
- Enable the “trust this device” option (optional): if you require it, select Yes.
Duo Security
- Enable this Provider by selecting Yes.
- Enter the following keys for your account:
  - Integration key
  - Secret key
- Enter the API hostname.
Authy
- Enable this Provider by selecting Yes.
- Enter the API Key.
- Enable the “trust this device” option (optional): if you require it, select Yes. NOTE: This option should be used in HTTPS-only environments.
- To edit the OneTouch message, clear the Use system value checkbox. Then enter the message you want to use.
Step 5: Click the Save Config button.
Step 6: Go to System -> Permissions -> All Users and select the user.
Step 7: Go to 2FA and select the 2FA providers by ticking their checkboxes.
Step 8: Go to User Info and, under Current User Identity Verification, enter your password, then click Save User.
Step 9: You will now see the 2FA Google Authenticator screen. Scan the QR code with the Google Authenticator app on your mobile phone.
Step 10: After completing this process, you will be asked for an Authenticator code at every login.
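What happens behind Steps 9 and 10, as an added example (not Magento's own code): the QR code carries an otpauth:// URI with a shared secret, and the app and server each derive the same 6-digit code from it with TOTP (RFC 6238). The URI, account name and secret below are constructed (the secret is the RFC 6238 test key), and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import urlparse, parse_qs

# Constructed sample URI; the secret is the RFC 6238 test key in Base32, not a real one.
SAMPLE_URI = ("otpauth://totp/Example%20Store:admin"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example%20Store")

def secret_from_uri(uri):
    """Extract and Base32-decode the shared secret from an otpauth://totp URI."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    values = parse_qs(parsed.query).get("secret")
    if not values:
        raise ValueError("URI carries no secret")
    b32 = values[0].replace(" ", "").upper()
    return base64.b32decode(b32 + "=" * (-len(b32) % 8))

def totp(secret, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1) for the 30-second window containing `at`."""
    counter = struct.pack(">Q", int(at) // step)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret, code, at=None, window=1, step=30):
    """Accept `code` if it matches the current step or one step either side."""
    at = time.time() if at is None else at
    ok = False
    for drift in range(-window, window + 1):
        when = at + drift * step
        if when < 0:
            continue  # no time step exists before the Unix epoch
        expected = totp(secret, when, step)
        # constant-time comparison; no early exit on the first match
        ok |= hmac.compare_digest(expected.encode(), code.encode())
    return ok

if __name__ == "__main__":
    key = secret_from_uri(SAMPLE_URI)
    print(totp(key, 59))                  # code for the window containing t=59
    print(verify(key, "287082", at=89))   # one step later: still inside the window
    print(verify(key, "287082", at=119))  # two steps later: rejected
```

The one-step tolerance is why a code still works briefly after the app rolls over to the next one. A production verifier would also rate-limit attempts and refuse a code it has already accepted.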