OverviewBack to top
Twilio has democratized communications channels like voice, text, chat, video, and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications.
Two-Factor Authentication (2FA) for Magento 2, also known as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves, such as when creating a new account or logging into an existing customer's account. It is one of the most dependable processes for account security.
Two-Factor Authentication has long been used to control system and data access. Online service providers are increasingly using two-factor authentication (2FA) to protect their users' credentials from being used by hackers who stole a password database or used online hacking to obtain user passwords.
In today's world, security is critical in the digital real world. In this case, two-factor authentication is used. It enables the admin to enter the verification code for the new customer when creating a new account. Existing customers will verify their identities by entering the OTP sent to their mobile number when logging in to their account.
Account & Pricing
- A separate Twilio account is required for the admin to use this module.
- The Twilio account must be created as this module requires the Auth ID and token and accounts SID of your Twilio account.
- You can sign up for free or login to your existing Twilio account.
- There are additional charges to use Twilio services. SMS pricing is based on the destination and type of message you’re sending, as well as the carrier to which the SMS is being sent.
- Please click here to view detailed updated pricing according to your country.
- Auth Code will be sent to the mobile number entered during registration. It will, however, be verified after the account is created.
- Customers must verify their identities in order to gain access to their accounts.
- The admin can enable and disable the TwoFactorAuth module through the admin configuration.
- The admin can change the expiry time of the verification code.
- At the time of registration, the admin can enable or disable TwoFactorAuth verification for customers.
How Does The Extension Work?
Setup Twilio API Credentials
The feature can be managed by the admin from the backend. Here, the admin can enable/disable the module on the frontend from the page. The admin has the ability to enable and disable authentication for the new user and customer by Yes/No.
Auth Code Validation
Also, the admin can set the authentication code expiry time to anything between 60 and 300 seconds. And the expiry time of an OTP is set to 60 seconds by default.
Verify New Customers
When a new customer creates an account a one-time password (OTP) will be sent to the customer's mobile number. The customer must now complete the two-step verification process.
Customers will enter the one-time password (OTP) on the Magento online store sent to their registered mobile number. After the verification, the new customer's account is successfully verified.
Secure Existing Customers
TwoFactAuth is available to existing customers also. Every time an existing customer logs in. they receive the OTP. After entering the OTP, they will be able to use their account.
For Store Owner
- The admin can set the expiry time of the OTP to anything between 60 and 300 seconds.
- The admin has the ability to enable and disable the module for new account registration verification.
- Admin stores are more secure from hackers who are trying to steal sensitive data.
- For the admin, it lowers the risk of a data breach.
- Existing customers can also log in to their accounts after entering the OTP.
- Customers can receive multiple authentication codes for registration.
- Customers' data will be secure with two-factor authentication.
Technical SpecificationsBack to top
Adobe Commerce platform compatibility
Open Source (CE): 2.4 (current)
Commerce on prem (EE): 2.4 (current)
Commerce on Cloud (ECE): 2.4 (current)
11 March, 2022
Extensions, Payments & Security, Fraud
Chrome, Firefox, Opera, Safari, Edge, IE
Quality ReportBack to top
All tests were conducted on the latest versions of Adobe Commerce that existed for the compatible release lines at the moment of the extension submission. Latest versions of all other software were used, as applicable.
Release NotesBack to top
- Compatible with Open Source (CE) : 2.4
- Compatible with Commerce on prem (EE) : 2.4
- Compatible with Commerce on Cloud (ECE) : 2.4
- Stability: Stable Build
+ Compatible with Magento 2.4.x.
+ At the time of registration Auth Code will be sent to the mobile number entered.
however, it will be verified after the account will be created.
+ Admin can enable/disable the TwoFactorAuth module from the admin configuration.
+ Admin can enable/disable TwoFactorAuth verification of the customers at the time of registration.
+ Until the Auth Code is verified customer cannot access any other page in his account.
SupportBack to top
The best place to start if you need help with a specific extension is to contact the developer. All Adobe Commerce developers have both a contact email and a support email listed.Contact Vendor