MSP TwoFactorAuth
Two Factor Authentication module for maximum backend access protection in Magento 2.
Member of MSP Security Suite
See: https://github.com/magespecialist/m2-MSP_Security_Suite
Did you lock yourself out from Magento backend? click here.
- Providers:
- Google authenticator
- QR code enroll
- Authy
- SMS
- Call
- Token
- One touch
- U2F keys (Yubico and others)
- Duo Security
- SMS
- Push notification
- Google authenticator
- Trusted devices
- High security rolling codes
- Trusted devices revoke list
- Central security suite events logging
- Per user configuration
- Forced global 2FA configuration
1. Install using composer
From command line:
composer require msp/twofactorauth
2. Enable and configure from your Magento backend config
Enable from Store > Config > SecuritySuite > Two Factor Authentication.
3. Enable two factor authentication for your user
You can select among a set of different 2FA providers. Multiple concurrent providers are supported.
4. Subscribe / Configure your 2FA provider(s):
4.1 Google Authenticator example
4.2. Duo Security example
4.3. U2F key (Yubico and others) example
4.4. Authy example
If you messed up with two factor authentication you can disable it from command-line:
php bin/magento msp:security:tfa:disable
This will disable two factor auth globally.
If you need to manually reset one single user configuration (so you can restart configuration / subscription), type:
php bin/magento msp:security:tfa:reset <username> <provider>
e.g.:
php bin/magento msp:security:tfa:reset admin google
php bin/magento msp:security:tfa:reset admin u2fkey
php bin/magento msp:security:tfa:reset admin authy
Emergency of emergency and your house is on fire, your dog is lost and your wife doesn't love you anymore:
DO NOT ATTEMPT TO MODIFY ANY DB INFORMATION UNLESS YOU UNDERSTAND WHAT YOU ARE DOING
Table core_config_data
:
msp/twofactorauth/enabled
: Set to zero to disable 2fa globallymsp/twofactorauth/force_providers
: Delete this entry to remove forced providers option
Table msp_tfa_user_config
:
- Delete one user row to reset user's 2FA preference and configuration