How to Install and Configure Two Factor Authentication on Magento 2
Two months ago, Magento rolled out the Two Factor Authentication technology to boost the overall security system. It has been designed to protect the stores from being hacked. In fact, even if the hacker manages to get your login credentials, it will be impossible to intrude your website due to the application of the extra security layer. In this article, you will know the process of installing and configuring the Two Factor Authentication system. Now, let’s dive in.
Installing Two Factor Authentication on Magento 2
There are two ways of installing the new security system. The first one is using SSH Terminal. The second one is using plugins, like Two-Factor Authentication extension from Aitoc and Xtento. In this tutorial, we will perform the installation with SSH terminal. However, keep in mind that the method is unlikely to work on shared Magento web hosting, as it utilizes the composer.
Installing Two Factor Authentication Using SSH Terminal
- Open SSH terminal.
- Connect your website.
- Head to the root directory. Run this command:
- Use this line to activate Two Factor Authentication module:
php bin/magento module:enable --all
- Type this line to upgrade the setup:
php bin/magento setup:upgrade
- Use this command to compile the setup:
php bin/magento setup:di:compile
- Clean the cache.
- Finally, flush the cache to complete the installation process
php bin/magento cache:flush
Configuring Two Factor Authentication on Magento 2
You can configure Two Factor Authentications using four types of authenticators. They are:
- Google Authenticator
- U2F devices
- Duo Security
In this tutorial, we will configure Google Authenticator, which is the most popular option.
Configuring Google Authenticator
- Log in to the Magento 2 admin panel.
- Head to Stores > Configuration.
- Expand Security.
- Click on 2FA.
- Now, expand the General section. In Force providers option, select Google Authenticator.
- Expand Google Authenticator section. To active, select Yes. In Enable “trust this device” option, select No. It will force the users to enter the authentication code every time they sign in to your store. If you want to do just the opposite, select Yes.
- Finally, click on the Save Config button to complete the configuration.
Testing Two Factor Authentication on Magento 2
Now, it’s time for checking whether the Two Factor Authentication is working properly or not on your store. Just follow these steps:
- Install the Google Authenticator app on your smartphone.
- Log out and log in to your Magento 2 admin panel. You will be asked to scan a QR code during the sign in attempt.
- Scan the code with the authentication app that you have installed in the first step. You will be provided with a code. Insert it in the Authenticator code field in Magento 2. Finally, click on the Confirm button.
If you manage to get into the admin panel without any issue, then you have implemented the Two Factor Authentication on your Magento 2 store successfully.
In this article, you have learned the way of installing Two Factor Authentication with SSH Terminal. You have also learned to configure it and check its functionality with the Google Authenticator mobile app. Now, the store has become highly secured. The hackers will have a very hard time intruding your website.