Enhance Magento admin security with two factor authentication
It's easier than you think for someone to steal your security credentials when you access your account. Even having a strong password doesn't completely protect you. That is why a lot of our popular sites like Google/Gmail, Apple, Facebook, Amazon Web Services and many others have added two-factor authentication. Even Google strongly recommends using this type of protection on each site. This system uses both your password and your phone to protect your account.
In order to keep your data safe in Magento admin panel we have launched Two-Factor Authentication extension that combines Google Authenticator application and your smart phone to verify the admin session. Since now you can be absolutely sure that your orders, customers’ data and other private information are completely secured.
Protect your Magento backend against unauthorized logins and fraudsters
Assured access into your admin panel
To start using two-factor authentication you will need to enter a temporary security code when logging in to Magento. Each security code changes every 30 seconds, so even if someone gets to known your password, he won’t be able to log in to your Magento backend.
Secure against data sniffing
With our Magento secure setup option each particular security code can be used only once, so even if both your password and the security code are sniffed they couldn’t be used to get logged in.
Protection against key logging
If you log in from a device or PC where the keypad input is allowed, your password becomes vulnerable. However, with Two-Factor Authentication you don’t have to worry about that anymore. Apart from the password the scammer also needs to know your time-based security code, that changes every 30 seconds and can only be used successfully once before it expires.
Set flexible authentication requirements
IP address white listing for verification code
Some IP addresses (e.g. your company IP) are reliable and don’t require entering the verification code. To log in from this IP address without checkup you just need to add it to the IP White List in the admin panel.
Flexible authentication requirements
It is possible to have various levels of security requirements for each admin account. E.g. you can create an account that requires only the password or both the password and passcode. This way you will use one account for logging from trusted networks and another one for logging from untrusted networks.
This magento secure login module is compatible with iPhone (iOS 3.1+), iPad, iPod touch, Android (1.5+) and BlackBerry (OS 4.5-6.0) smartphone. Anyway, please make sure your device is able to run the Google Authenticator application before the purchase. Since this application is used to generate security codes required for login.
Fit up your admin management system with more powerful tools
Log all actions performed in the store backend by admin users
With the help of magento admin log extension you can easily find out what have been done in your store admin panel and by whom. Enhance your store protection and easily block all malicious login attempts.
Let your admin users and vendors see and edit only particular categories and products
You have also a great opportunity to improve your website monitoring. Assign permissions to users for editing certain products, categories, Magento store-views and websites. With the help of Advanced Permissions extension one can easily manage online stores with rich item catalogs as well as multivendor and maltilanguage stores. Let anyone play their unique roles to make the work of the whole store even more productive.
* The name "Magento" and the logo are the trademarks of Magento, Inc.