Two-Factor Authentication for Magento 2

Add extra security level to boost data protection for your e-business. Prevent your store from the common Internet threats like keyloggers, data sniffing and unsecured wi-fi connections. Stay convinced that your Magento account is available only to your staff members.

  • Secure two-step authentication
  • Guaranteed protection against spyware
  • Possibility to include particular IP's in the white list
  • Authentication settings for each user role
  • Your device is the key to your account
  • Hyvä Checkout ready
Add to Wish List
Product updates and support for 12 months

Updates and support prolongation - $79

more info

Pick a combo deal with 15% discount:

Save $79.05

👉 As the Internet becomes more rapid and intuitive, users are getting less cautious. They often forget about the essential precautionary measures, when they login to their business accounts. As the saying goes: forewarned is forearmed. When you are prepared, you save yourself from many troubles and mess. The two-factor authentication extension is an easy way to get more confidence about security and double protection of your Magento admin panel.

See how Two-Factor Authentification works

Magento 2 two factor authentification: secure login

Double your Admin panel security

Two-step authentication is a simple yet efficient way to enhance your protection. This presupposes that to access your account, you have to prove yourself in two different ways. Besides from usual login and password, your mobile device becomes a necessary component of your authentication.

Protect your business account against fraud

As more services require to log in, users become less attentive. One-factor verification may become an easy target for the key loggers and data sniffing. The 2-factor authentication extension offers you a trustworthy 2-level solution of the present-day verification method, used by key figures of the industry (e.g. Facebook, Google, etc).

Use Google Authenticator to generate additional security code

Google Authenticator app is a simple way to make your personal device a crucial element for accessing the Magento account. The app generates security codes every 30 seconds, so even if your login and password were hacked somehow, there is one more additional security OTP for login.

Include reliable IP addresses in the white list

To free some IP addresses (e.g. your company) from a double checkup, simply add these IP addresses to the white list in the backend settings.

Enable security code for particular admin roles individually

The Magento 2 Two-factor Authentication extension offers a possibility to configure each admin role individually. Enable additional code for each particular company person.


2FA extension: mobile verification


NOTE! The extension is compatible with iPhone (iOS 3.1+), iPad, iPod touch, Android (1.5+) and BlackBerry (OS 4.5-6.0) smartphone.

Check if your device is able to run the Google Authenticator application before using the extension. This Google application generates additional security codes.

Improve your Magento management experience

🔥 Log all admin actions in your web store

To get more from admin management, check our extension Admin Actions Log for Magento 2. Track all the actions by store administrators in a real-time mode. Easily monitor the log history and all the login attempts.

🔥 Allow the admins of the store to work only with particular categories and products

For more flexible work with user permissions, check out the Advanced Permission for Magento 2 extension. You can assign different role permissions for particular managers.

Magento 2 factor authentification

2-step verification is an extra layer of protection based on Google Authenticator or mobile device binding. The single-use 30-second code is apt to protect Magento 2 backend against cybercriminals. Powered by TOTP / HOTP algos, our 2FA plugin doubles your business data resistance against attacks.

🚀 Why Do You Need 2FA?

2FA is a new outline of your security measures that phasing out used-to-be protection measures largely due to the obvious pros:

  • an extra layer of user credentials/account protection;
  • decreased risks of unauthorized access/system breaches;
  • a wide variety of 2FA methods that suit the most discerning users: secret questions, pin codes sent to mobiles, pictures confirmations, more;
  • secure access to confidential business information.

As a result, by avoiding security issues you increase user satisfaction and loyalty to your brand.

To date, more than 90% of Gmail accounts don't use 2FA. This is largely due to Google democratic approach, you can’t simply force users unconditionally accept the two-step authentication. However, in 2023 we see people suffer from banal email hacking and e-commerce fraud.

What makes you think then that the problem won’t affect your business? Let’s take a guess, you may think you are only beginning to be an e-business, you may personally know all the employees, besides you have a small staff, who are easy to control. All these arguments don’t hold much water once your Admin account is hacked.

🚀 What is a Magento 2 authentication factor?

The factor is a credential that is used to verify an access legitimacy. They distinguish the next 2FA types:

    • knowledge (it’s based on a user's knowledge of something): This one is the most common method of authentication. They can be secret questions/characters/words/sentences/numeric combinations/etc.;
    • possession (it’s based on a user's possession of something): The method implies a secret key that is possessed by only one user. One of the most in-use examples is a security token (disconnected/connected/software/etc.);
    • inherence (it’s based on a user's biometric characteristics): They are user's fingerprints, face, voice, iris recognition, typing dynamic and others. The factor is justly considered as one of the safest.

    Our Magento 2 factor authentication uses 30-second Google Authenticator code sent to your mobile device.

    Magento 2 Step Authentication: Pros and Cons

    • double business account protection;
    • increase of your Admin Panel security;
    • additional 30-second-life security password;
    • white lists to free reliable IPs from Magento 2 2FA;
    • extra verification code for an individual admin role;
    • smartphone compatible.
    • the need for sharing your mobile phone number;
    • a possibility of SMS-based authentication distant circumvention;
    • it's never 100%.

    What is two-factor authentification in Magento 2?

    Magento 2 Two-Factor Authentication enhances security by requiring two-step authentication to access the Magento admin panel from all devices. This feature can be implemented using Google Authenticator, Authy, Duo, and other applications. With their help, you get an authentication code that helps prevent illegal attempts to log into your Admin account.

    Why do you need the Magento 2 two-factor authentication for your business?

    Magento 2 two-factor authentication will reduce unauthorized access and reduce the effectiveness of cyber-attacks. Two-factor authentication creates additional layers of security. A second authentication identifier makes it harder for an attacker to gain access to corporate systems.

    Unleash the Power of Amasty's Top Magento 2 Extensions!

    • Magento 2 Improved Layered Navigation: Elevate your store's shopping experience with Amasty's Improved Layered Navigation extension for Magento 2. Empower customers with seamless product discovery through user-friendly filters and enhanced SEO rankings.
    • Magento 2 ElasticSearch: Revolutionize search capabilities with Amasty's ElasticSearch extension for Magento 2. Deliver lightning-fast and relevant search results, empowering effortless product discovery for seamless shopping.

    Expand your e-commerce portfolio with ease

    Our Magento to Shopify Migration Service is designed for Magento store owners who are curious about entering new niches or launching subbrands in a cost-effective environment.

    Adobe partner logo
    Magento Marketplace logo
    See 500+ verified reviews
    1 Single points of sales
    Trusted by Customers
    Are Amasty extensions compatible with all themes and extensions by other vendors?
    Amasty extensions work with all plugins we issued and with most 3rd-party plugins. If you come across a Magento 2 compatibility issue with any third-party module, we’ll definitely try to help you. If you face any technical issues, please create a ticket...
    Will I get free support and updates?
    Product updates for extensions purchased before Feb 1, 2022With the transition to product subscriptions, you will receive product updates for all extensions purchased before Feb 1, 2022 throughout the entire grace period — up to Aug 1, 2022. If you ...
    Do you have the installation service?
    Yes, you can use installation and configuration services that are available as the part of Pro and Premium add-ons for your product subscriptions.Please note that this installation service doesn’t include uninstallation. So, if you need to completely...
    Can I request a free trial?
    Amasty doesn’t provide any trials of Magento extensions. There's one exception: Amasty extensions are provided for testing or demo purposes to our official Platinum Partners as a part of the “access to Amasty extensions for testing purposes with Composer...
    Can I test an Amasty extension on a staging site before transferring it to a live one?
    Yes, you can install any Amasty extension on a test site and configure all the settings there before doing it on your live store.
    How can I get a refund?
    Amasty offers to its Customers a thirty (30) day money-back guarantee for the Software. In case the acquired extension didn’t meet your expectations, our support team is always ready to help you. Fees for support subscriptions and any services provided...
    How can I receive a discount?
    We are now working at a loyalty program for our customers that is supposed to bring even greater benefits in the long term. While it’s not out yet, you can look through these Special Offers. New discounts and specials are added every month. To stay ...
    How to update a Magento 2 Amasty extension?
    To update a Magento 2 extension by manual upload:1. log in to the customer account;2. navigate to the Products tab, scroll to the packages section, and click the Download link next to the extension that should be updated;3. Important: If some extension...
    If I need additional features to be added to an Amasty extension, how can I ask for it?
    To leave your feature request, log in to your customer account and open the Products tab. Then, scroll down to the bottom of the page, and leave your feature request in the following form: As soon as you send your request, it is considered by our ...
    Magento 2 Amasty extensions installation
    Each Amasty extension package is provided with the extension files, installation & setup guides, and a license agreement. Some extensions include import files examples as well. So how to install our Magento extension? What is the plugin...
    How can I prolong support?
    If you have an active support service subscription, it grants you access to support services for all products purchased before Feb,1 as long as your subscription is active. Alternatively, support services are only available as the part of a product ...
    Can I change the EE extension to CE for free?
    Usually, no, you can’t exchange modules. Please, contact our support managers and they’ll consider your case individually. → Learn more about our special offers
    How can I get a discount to re-purchase plugins?
    Usually, we don’t provide any discounts. But you can contact us, and we’ll consider your case individually. → Learn more about our special offers
    Customer Reviews

    Do you need specific features added so you can achieve your business goals?

    Drop us a line and we'll customize this extension for you!

    You can always download the recent version free of charge from your account installing an upgrade is easy

    See Magento (and other software) versions we support and guarantee their compatibility with our extensions

    Version 1.1.7
    Last Update: Jul 19, 2022
    1.1.7 - Jul 19, 2022
    • Compatibility now the extension is compatible with Magento 2.4.4
    1.1.6 - Nov 18, 2020
    • Improvement code was refactored according to Magento Marketplace standards
    1.1.5 - Feb 05, 2019
    • Fix the issue with saving Two-Factor Authentication data in the user (admin) account if the current user (admin) is whitelisted by IP was resolved
    1.1.4 - Jan 24, 2019
    • Improvement minor visual improvement for the extension settings in the admin panel
    1.1.3 - May 14, 2018
    • Improvement the Google API Key check was added
    • Improvement a small update to the information panes was implemented
    1.1.2 - Mar 29, 2018
    • New added the option to edit the discrepancy for generated verification codes
    • Improved the current IP check for the whitelist functionality
    • Minor code improvements
    1.1.1 - Nov 23, 2017
    • Fixed issue with missing menu tab
    1.1.0 - Aug 28, 2017
    • Compatibility with IPv6 introduced

    Ratings & Reviews

    100% of 100