Two-Factor Authentication for Magento 2 is an optimal solution to secure e-commerce store systems. The module helps to upgrade and protect the system from unauthorized access.
OverviewBack to top
Mageplaza's Two-Factor Authentication extension (2FA) is the most up-to-date tool. The aim of creating this module is to tighten the security system in order to reduce the risks of information hacks, data breaches, which will cause obstruction to the whole business. Although there is no flow of revenue, the Two-Factor Authentication is still a great module to assist the e-commerce system to operate smoothly.
Why it is important to employ two-factor authentication in your store backend:
- To strengthen the protection for backend: Adding an additional level of security is necessary when anyone attempts to log in to the backend. This will build up a strong defense wall for the admin account as well as store information.
- To enhance admin experience: Store employees who have the admin role are able to access through mobile devices conveniently and still able to ensure the store data being protected. The administrators will have a better chance to execute their job tasks professionally.
- To reduce the cost of management: With the help of this module, the store owner will never have to spend extra money to purchase extra software or resetting passwords. This is a smart and economical way to benefit businesses.
- Second authentication to access admin accounts
- Force admins to use 2FA
- Admins are allowed to set trusted time and trusted device
- Gain support when using an app for mobile authentication
- Display in numerous kinds of screen types
Access Via Two Steps
- Obligatory to use the Two-Factor Authentication: The store owner is allowed to require admins pass through two steps of verification to enter store data. At the first step, the username and password are required. The second step will ask admins to enter a unique authentication code. If admin users fail to pass, they will be banned from access. The feature helps to safely protect data of the store.
- Support with apps for mobile authentication: The extension is supported to compatible with the mobile authentication app. In detail, apps like Authy, Google Authentication will assist the admin in entering the 2FA by confirming the code via scanning QR or using a manual key. When finishing the registration, the apps will give them a special code each time an admin logs in.
- Trust This Device
- Turn on the Trust-Device Function, limit trusted time: This is one of the main features in this extension, which helps to avoid forcing admins to login repetitively each time they want to access store backend. The account of a specific device will be trusted within a specific time period such as 30 days, 60 days, or more.
- Access the second time without authentication code: After admins login the first time successfully, within the given time period of trusted time, the second attempts to login will be faster without entering the authentication code. This feature is created with the aim of saving time for admins who have reliable accounts.
List Of Trusted Devices
The trusted devices list will be simply managed to check the verified admins. Moreover, key admins and owners are able to delete any admin accounts from the list in case there are any changes in the store workforce. Two-Factor Authentication will assure to protect the admin panel from outside access. The list will clearly view the admin information including details like:
- Device Name
- IP address
- Last login time
Mandatory To Use 2FA
Owners will easily turn on/off the 2FA registration.
Set Trusted Time
Allow setting numbers of days for the trusted period.
Friendly With Mobiles
It is designed to be well displayed by mobiles, desktops, tablets, and other screen types.
Full Feature List
Admin Account Setting 2FA
- Able to set account information: User name, Email, Password
- Allow enabling/disabling the account
- Input the authentication app’s confirmation code
- Insert different authentication code for certain time login
- Allow saving the second authentication confirmation by clicking on trust this device when login
- View the list for Trusted Device
- Allow removing admin accounts from the Trusted Device List
- Allow enabling/disabling the module
- Set 2FA as a requirement for admin login
- Turn on/off the Trusted Device
- Set days of a trusted period
Release NotesBack to top
- Compatible with Open Source (CE) : 2.3
- Compatible with Commerce on prem (EE) : 2.2 2.3
- Stability: Stable Build