Login or create an account
If you have an account with us, please log in.

You have no items in your shopping cart.

Two-Factor Authentication for Magento 2


Add extra security level to boost data protection for your e-business. Prevent your store from the common Internet threats like keyloggers, data sniffing and unsecured wi-fi connections. Stay convinced that your Magento account is available only to your staff members.

  1. Secure two-step authentication
  2. Guaranteed protection against spyware
  3. Possibility to include particular IP's in the white list
  4. Authentication settings for each user role
  5. Your device is the key to your account
View Extension Demos
See User Guide

What is 2FA in Magento 2?

2-step verification is an extra layer of protection based on Google Authenticator or mobile device binding. The single-use 30-second code is apt to protect Magento 2 backend against cybercriminals. Powered by TOTP/HOTP algos, our 2FA plugin doubles your business data resistance against attacks.

As the Internet becomes more rapid and intuitive, users are getting less cautious. They often forget about the essential precautionary measures, when they login to their business accounts. As the saying goes: forewarned is forearmed. When you are prepared, you save yourself from many troubles and mess. The two-factor authentication extension is an easy way to get more confidence about security of your Magento admin panel.

Improve your Magento security

Double your Admin panel security

Two-step authentication is a simple yet efficient way to enhance your protection. This presupposes that to access your account, you have to prove yourself in two different ways. Besides from usual login and password, your mobile device becomes a necessary component of your authentication.

Protect your business account against fraud

As more services require to log in, users become less attentive. One-factor verification may become an easy target for the key loggers and data sniffing. The extension offers you a trustworthy solution of the present-day verification method, used by key figures of the industry (e.g. Facebook, Google, etc).

Use Google Authenticator to generate additional security code

Google Authenticator app is a simple way to make your personal device a crucial element for accessing the Magento account. The app generates security codes every 30 seconds, so even if your login and password were hacked somehow, there is one more additional security password.

Include reliable IP addresses in the white list

To free some IP addresses (e.g. your company) from a double checkup, simply add these IP addresses to the white list in the backend settings.

Enable security code for particular admin roles individually

The Magento 2 Two-factor Authentication extension offers a possibility to configure each admin role individually. Enable additional code for each particular company person.

Smartphone compatibility

NOTE! The extension is compatible with iPhone (iOS 3.1+), iPad, iPod touch, Android (1.5+) and BlackBerry (OS 4.5-6.0) smartphone.

Check if your device is able to run the Google Authenticator application before using the extension. This Google application generates additional security codes.

Improve your Magento management experience

Log all admin actions in your web store

To get more from admin management, check our extension Admin Actions Log for Magento 2. Track all the actions by store administrators in a real-time mode. Easily monitor the log history and all the login attempts.

Allow the admins of the store to work only with particular categories and products

For more flexible work with user permissions, check out the Advanced Permission for Magento 2 extension. You can assign different role permissions for particular managers.

Reasons to choose

Other Features

  • 100% Open Source — Easy To Customize
  • Follows Magento Code Architecture
  • Separated HTML/CSS/JS
  • Simple installation via Composer
* The name "Magento" and the logo are the trademarks of Magento, Inc.
No issues, good extension
Double authentication is a popular security measure today. I can't say I ever faced a real attack. We implemented this extension only to ensure that our customers' data is safe. The installation was fast and easy so we didn't contact support, still based on experience with some other their extensions I can say that support is very strong here.
An easy module to improve security
We used m1 Security Suite when had magento 1 store. After we migrated, we decided to purchase some Amasty security extensions including this 2fa. Overall, a simple module that is very fast to configure but does it job perfectly.
Elaine Morrison

Write Your Own Review

You're reviewing: Two-Factor Authentication for Magento 2

Version 1.1.3 - May 14, 2018
– Improvement: the Google API Key check was added
– Improvement: a small update to the information panes was implemented
Version 1.1.2 - March 29, 2018
– New: added the option to edit the discrepancy for generated verification codes
– Improved the current IP check for the whitelist functionality
– Minor code improvements
Version 1.1.1 - November 23, 2017
– Fixed issue with missing menu tab
Version 1.1.0 - August 28, 2017
– Compatibility with IPv6 introduced
Back to top