Two-factor authentication is impenetrable armor for your Magento 2 ecommerce store. Although it is not available by default, you can enable this functionality by installing third-party Magento 2 two-factor authentication modules. Below, we shed light on the Amasty Magento 2 Two-Factor Authentication extension – a tool that makes your backend available to staff members only.
The mechanism behind two-step authentication extensions is the following: the default login and password fields are joined by a third field that requires a one-time code generated by a smartphone application. Furthermore, if you have read our review of cryptocurrency hardware wallets, you know that the second step can instead be handled by a hardware device that must be connected to the computer before the user gets access to the precious data. This feature is not yet available for Magento, but we believe that it is only a matter of time. As for the functions of the Amasty Two-Factor Authentication Magento 2 module, they are the following:
- The most secure login based on two-factor authentication;
- The most effective protection against various spyware;
- Whitelist of IP addresses that can log in without the second security step;
- Individual authentication settings.
The second authentication step introduces the most secure and at the same time the simplest way to protect your backend and the information stored there against malefactors. Since each individual user role has its own settings, you can provide extra flexibility. Besides, because every login requires a personal one-time password, nobody else can enter the admin panel of your Magento 2 website.
Thus, a mobile device plays the role of an individual key which cannot be falsified. You need to install the Google Authenticator application, which generates OTP codes that are valid for only 30 seconds. Also, since it is impossible to guess the right code within 30 seconds, your Magento 2 backend becomes entirely protected, unless there are bugs in the code that allow stealing data without passing the login procedure.
To simplify the life of your administrators, you can create a list of IP addresses that skip the second verification step. Since the Magento 2 two-factor authentication extension allows you to configure each admin role individually, you can choose the particular staff members for whom the additional step is enabled.
Note that the Magento 2 two-factor authentication module is compatible with iOS, Android, and BlackBerry. Check the supported OS versions on its page on the Amasty website. The mobile device used in the 2-step authentication must support the Google Authenticator application. Also, note that you can enhance the security of your Magento 2 backend with the help of Admin Actions Log and Advanced Permission, which work perfectly in combination with Two-Factor Authentication.
Before we proceed to the backend functionality of the Magento 2 Two-Factor Authentication module, check the reviews below:
Go to Stores -> Settings -> Configuration -> Amasty Extensions -> Two-Factor Authentication. Here, you can configure the Magento 2 two-factor authentication module. Set the “Enable Two-Factor Authentication” field to “Yes” to make the module run on your website. Then, you can specify the discrepancy value defining the interval for the generation of verification codes. Next, you can create a list of IP addresses that do not require the second security step to log in. Just separate them with a comma.
Next, go to System -> Permissions -> All Users. Select a user and find the Two-Factor Settings tab on the User Information page. Set “Enable TFA” to “Yes”. Now the user can enter the secret key into his or her Google Authenticator app or scan the QR code to start generating security codes. Then, it is necessary to check that everything works correctly and that the Magento 2 two-factor authentication extension allows access to the backend. A newly generated security code must be entered into the “Security Code” field below the QR code, and the “Check Code” link must be clicked. Now, after clicking the “Save User” button, the user can log in to your Magento 2 backend using the two-step authentication procedure.
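To make the 30-second codes, the discrepancy setting and the IP list from the steps above concrete, here is an added Python sketch; it is not Amasty's code. It assumes the discrepancy is counted in 30-second windows on either side of the current one and that the list holds exact addresses; all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import ipaddress
import struct

STEP = 30  # seconds per code, as the article states

def code_for(secret_b32: str, counter: int, digits: int = 6) -> str:
    """HOTP value (RFC 4226) for one 30-second counter; TOTP is HOTP over time."""
    key = base64.b32decode(secret_b32.upper())
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def check_code(secret_b32: str, code: str, now: float, discrepancy: int = 1) -> bool:
    """Accept a code from the current window or `discrepancy` windows either side."""
    current = int(now) // STEP
    ok = False
    for counter in range(max(0, current - discrepancy), current + discrepancy + 1):
        # Constant-time comparison; keep looping so timing does not reveal a match.
        ok |= hmac.compare_digest(code_for(secret_b32, counter).encode(), code.encode())
    return ok

def second_step_required(peer_ip: str, allowlist: str) -> bool:
    """True unless peer_ip exactly matches an entry of the comma-separated list."""
    try:
        peer = ipaddress.ip_address(peer_ip.strip())
    except ValueError:
        return True  # unparseable address: fail closed and ask for the code
    for entry in allowlist.split(","):
        try:
            if ipaddress.ip_address(entry.strip()) == peer:
                return False
        except ValueError:
            continue  # skip malformed entries instead of matching loosely
    return True

# Constructed sample: the RFC 6238 test secret "12345678901234567890" in Base32.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    print(code_for(SECRET, 59 // STEP))           # code issued at t = 59 s
    print(check_code(SECRET, "287082", now=89))   # one window late, discrepancy 1
    print(check_code(SECRET, "287082", now=149))  # three windows late, discrepancy 1
    print(second_step_required("203.0.113.10", "203.0.113.10, 198.51.100.7"))
```

Each extra unit of discrepancy adds two more accepted codes, and every address on the list is a password-only login path, so keep both as small as your staff can work with.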
As for the frontend of the Magento 2 two-factor authentication extension by Amasty, the new login window has the following appearance:
As you can see, there are three fields: Username, Password, and Security Code. The third one adds the extra security layer that we have configured.
Magento 2 Two-Factor Authentication 1.1.2
- New function: ability to edit the discrepancy for generated verification codes.
The Amasty Two-Factor Authentication Magento 2 extension adds a vital improvement to the default Magento 2 backend. It doesn’t make the backend routine easier but makes it entirely secure from malefactors and attacks. The price of the Magento 2 two-factor authentication extension is just $129, so don’t hesitate to spend this money on this module. For further information, follow the link below: