How to enable/disable two factor authentication in Magento 2?
Two-factor authentication is a method of identifying a user in service by requesting authentication data of two different types, which provides a two-layer, which means more effective account protection against unauthorized entry. In most cases it looks like this: the first line is a login and password, the second is a special code that comes by SMS or e-mail.
Magento authentication keys are unique keys that are necessary for accessing and installing Magento modules and extensions from the Magento Marketplace. These keys work like login credentials, providing secure access to the store’s backend for updates and installations, but without requiring direct admin login details.
In the age of technology, it is important to be able to protect data that is stored on the Internet, as it can be hacked and stolen. Safety comes first. Therefore, it is important to know how to enable or disable Magento 2FA in order to protect your data and your users' data.
How to enable Two-Factor Authentication?
Step 1. Setting up two-factor authentication.
You need to have a two-factor authentication app installed before you will be able to log in with administrator rights for your store. (f.e. Google Authenticator)
Step 2. Signing in to the Admin of the store.
You need to enter the Admin URL that was created during the Magento installation.
Step 3. Completing the 2FA configuration.
1. You need to link Google Authenticator app with your Admin account:
Firstly, the QR code will appear on your screen, then you are to capture this QR code in order to pair Google Authenticator with your Admin account. You can do this in several ways:
- You can scan the QR code with your phone.
- QR code can be captured in the browser.
You need the Google Authenticator extension to be installed in your browser.
- You are able to enter the QR code manually.
To do this, you need to copy the text below the QR code, then launch the Google Authenticator app on your smartphone or in your PC browser, and click + sign. After that, choose Manual Entry. Under Account, enter the email address associated with your Admin account and paste the QR code string into the Key field.
2. The last step is to enter the six-digit code generated by Google Authenticator into the Authenticator code field in order to sign in to the Admin with two-factor authentication. Then click the Confirm button.
Sounds kinda hard. All of this can be omitted by using the Two-Factor Authentication extension. With its help you will be able to do all these steps in 2 clicks. And the main thing is that this extension will help protect your Magento account from hacks and keep your customers' data safe. Here's a glimpse of how it looks:
Watch the “How Two-factor Authentication Protects Your Magento 2 Admin Panel” video to understand why 2FA is important and how to configure it in the extension.
How to Disable Two-Factor Authentication in Magento 2
If you need to disable two-factor authentication (2FA) in Magento 2, you can do so by following these steps:
Step 1. Accessing the Magento server
Log into your server with SSH access, making sure you have the necessary permissions to modify Magento settings.
Step 2. Running the command to disable 2FA
In the command line, navigate to your Magento installation directory and enter the following command to disable 2FA:
After disabling 2FA, clear the cache to ensure that changes are applied across the store:
Login and Registration Form