Two Factor Authentication to the Magento 2 admin panel using Google Authenticator
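It's extremely important that you keep your server time in sync with an NTP server: the authentication codes are time-based, so a server clock that drifts will reject codes that are valid on the user's device.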
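Why the clock matters, as an added example that is not part of this module's code: a minimal RFC 6238 (TOTP, HMAC-SHA1) generator and verifier showing a code from the user's phone being rejected once the server clock drifts. The 30-second step, the one-step tolerance `window`, and the helper names are assumptions for illustration; the secret is the RFC 6238 test value, not a real account secret.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per code; RFC 6238 default, assumed for this sketch
DIGITS = 6   # code length shown by Google Authenticator compatible apps


def totp(secret: bytes, unix_time: int, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 for the given moment in time."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(code: str, secret: bytes, server_time: int, window: int = 1) -> bool:
    """Accept codes from the current step and `window` steps either side.

    `window` is a hypothetical tolerance; the module's real setting is not
    documented on this page.
    """
    for drift in range(-window, window + 1):
        expected = totp(secret, server_time + drift * STEP)
        if hmac.compare_digest(expected, code):   # constant-time comparison
            return True
    return False


def login_outcomes(secret: bytes, phone_time: int, server_offsets):
    """Map each server clock offset (seconds) to whether the phone's code is accepted."""
    code = totp(secret, phone_time)
    return {off: verify(code, secret, phone_time + off) for off in server_offsets}


if __name__ == "__main__":
    # Constructed sample: the RFC 6238 test secret, not a real account secret.
    secret = b"12345678901234567890"
    for offset, ok in login_outcomes(secret, 1111111109, [0, 20, 45, 90, -120]).items():
        print(f"server clock off by {offset:+4d}s -> {'accepted' if ok else 'rejected'}")
```

Widening the tolerance window hides drift but also lengthens the time a captured code stays usable, so fixing the clock is the better remedy.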
In your Magento 2 base directory run:
composer require pmclain/magento2-tfa
bin/magento setup:upgrade
- TFA must be enabled by the individual user by clicking 'Account Setting(user)' in the Magento 2 admin panel.
- Once there, the user is able to enable the two factor authentication and view the QR code for a Google Authenticator compatible application.
- Users with TFA enabled will not be able to log into the admin panel without a valid authentication code input on the Magento 2 admin login page.
- Users with TFA disabled can leave the 'Authenticator Code' field blank during login.
TFA can be disabled using console commands if needed:
bin/magento pmclain:tfa:disable
bin/magento pmclain:tfa:disable admin@example.com
Release | Magento Version |
---|---|
1.1.x | 2.2.x |
1.0.x | 2.1.x |
1.0.x | 2.0.x |
To use two factor authentication, each user will have to install a Google Authenticator compatible app. Some currently available options:
- Authy for iOS, Android, Chrome, OS X
- FreeOTP for iOS, Android and Pebble
- Google Authenticator for iOS
- Google Authenticator for Android
- Google Authenticator for Blackberry
- Google Authenticator (port) on Windows app store
- Microsoft Authenticator for Windows Phone
- 1Password for iOS, Android, OSX, Windows
Open Software License v3.0