
Guide for Magento 2 Two Factor Authentication

Updated 24 June 2024

Magento 2 Two Factor Authentication adds extra security features to the account. It provides two-factor authentication for the website.

Two-factor authentication is verified in two cases: when a new account is created and when an existing customer logs in to their account.

It is one of the most reliable processes for securing accounts.

Also, the Magento 2 Security extension helps secure your website from various attacks and hacks.


Features

  • At the time of registration, an Auth Code is sent to the mobile number entered. However, it is verified after the account is created.
  • Admin can enable/disable the TwoFactorAuth module from the admin configuration.
  • Admin can enable/disable TwoFactorAuth verification of the customers at the time of registration.
  • Customers have to verify to access the account.
  • The admin generates backup codes for customers and notifies customers through mail.
  • The verification code expiration time period can be changed by the admin.

Install Extension from Webkul Store

#1 Download Module

Firstly, you need to log in to Webkul Store, go to My Account>My Purchased Products section, verify and then download and extract the contents of this zip folder on the system.

#2 Upload Folder

Once the module zip is extracted, follow path src>app and then copy the app folder into the Magento 2 root directory on the server as shown below:

installation

#3 Run Commands

After uploading the module folder, you need to run the following commands in the Magento 2 root directory:

composer require twilio/sdk
composer require sendgrid/sendgrid
composer require pragmarx/google2fa
composer require pragmarx/google2fa-qrcode
php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento setup:static-content:deploy
php bin/magento indexer:reindex
php bin/magento cache:flush

After running the commands, flush the cache from the Magento admin panel by navigating to System > Cache Management, as shown below.

cache

Install Extension from Magento Marketplace

If you have purchased this extension from the Magento Marketplace then please follow the below process or visit this link.

#1 Get Access Keys

You need to get access keys, navigate to My Profile in Magento Marketplace, and then choose Access Keys in the My Products section.

my-profile

Go to Magento 2 and copy both Access Keys: the Public Key and the Private Key. These access keys will be needed in the next steps for authentication.

copy-keys

If access keys are not created earlier, click Create A New Access Key, enter any name and click OK.

create-key-name

#2 Update composer.json File

To know the component name and version number, go to your Magento Marketplace account section, My Profile>My Purchases, then find this extension to view the details. Please note – Below is an example image, every extension will have its unique component name and version.

know-component-name-version

After that, navigate to your Magento project directory and update your composer.json file in the following format.

composer require <component-name>:<version>

For example, to install version 5.0.0 of this extension you need to run the following command:

composer require webkul/2fa:5.0.0

#3 Enter Access Keys

Now you will need to enter the Access Keys that you obtained as explained in the first step #1 Get Access Keys. Wait for Composer to finish updating your project dependencies and make sure there aren’t any errors.

#4 Run Commands

You need to run the following commands:

composer require twilio/sdk
composer require sendgrid/sendgrid
composer require pragmarx/google2fa
composer require pragmarx/google2fa-qrcode
php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento setup:static-content:deploy
php bin/magento indexer:reindex
php bin/magento cache:flush

Multi-Lingual Support

For multilingual support, the admin navigates to Store > Configuration > General > Locale Options and selects the locale, for example English (the language into which the admin wants to translate the store content).

locale configuration

Admin Configuration

Once the Two Factor Authentication module for Magento 2 (Adobe Commerce) is installed, the admin manages the feature from the backend by navigating to Stores > Configuration > TwoFactorAuth.

Module configuration

In the configuration settings, the admin can enable or disable TwoFactorAuth.

  • Enable Module on Frontend:- Set Yes/No to enable or disable the module.
  • Need Auth Validation On New Customer Registration:- Set Yes/No to require auth validation for a new customer.
  • Need Auth Validation On Registered Customers:- Set Yes/No to require auth validation during login for existing customers.
  • Enable Login Using Backup Code:- Set Yes/No to allow login with backup codes.
  • Auth Code Expiry:- The OTP validity period, between 60 and 300 seconds.
  • Send OTP Via:- Mobile, Email, Sending Email Link, Push Notification, TOTP/Authenticator.

Twilio Auth

“Twilio” is a communications platform for sending and receiving text messages using its web service APIs.

The admin can sign up for Twilio services. To register, the admin visits Twilio and clicks the sign-up button.

Twilio sign up

Now, from the Twilio account, the admin can access the information required in the admin dashboard.

Settings

Magento 2 Two Factor Authentication – Workflow

Send OTP Via Mobile

In the module configuration, the admin sets Send OTP Via to Mobile.

  • Auth ID:- Enter the Auth ID.
  • Token:- Enter the Token.
  • Message:- Enter the customized message sent to the user.
  • Sender Number:- Enter the sender's number.

Module configuration

When a customer creates a new account, they enter their details.

Creating new Account

The OTP will be sent to the customer’s mobile number.

Now the customer has to go through the two-step verification.

Enter the OTP sent to the registered mobile number. After the OTP is verified, the account is created successfully.

Account-verification

Existing Customer

TwoFactAuth also applies to existing customers. Every time the customer logs in, they receive an OTP.

The customer enters their login credentials and then clicks Sign In.

customer login

After entering the OTP and completing verification, they can use their account.

otp on mobile

Thus, the customer receives the OTP (SMS) on the mobile, as shown in the image below.

Enter the OTP sent to the registered mobile number. After the OTP is verified, the customer is successfully logged in to their account.

Account-verification

Send OTP Via Email


Customer End

When a customer creates a new account, they enter their details.

Creating new Account

After entering the credentials, the customer will receive the OTP by email, as shown in the snapshot below:

Account-verification

The customer will enter the OTP and log in to the Web store.

Account-verification

For Customer login

The customer will enter the email ID and password on the login page.

After entering the credentials, the customer will receive the OTP by email, as shown in the snapshot below:

Account-verification

By entering the OTP, the customer can log in to the Magento 2 store.

module configuration.

Customer End

When a customer creates a new account, they enter their details.

Creating new Account

After entering the credentials, the customer will receive the OTP by email, as shown in the snapshot below:

received link on mail

By clicking on this link, the customer registers with the Magento store.

For customer login

The customer will enter the email ID and password on the login page.

After entering the credentials, the customer will receive the link, as shown in the snapshot below.

received link on mail

By clicking on the link, the customer can log in.

Send OTP Via Push Notification

Admin End

The admin needs to create an account on Firebase and create a new project with a Google account.

1. After opening the Firebase page, create a project by clicking the Add project button.

Firebase-console

2. Then, create a new project, enter the name of the project, and click continue.

The next step will ask you to set up Google Analytics. Let’s go ahead and set it up.

(Optional) Enable Google Analytics

Enable Google Analytics for your project, then follow the prompts to select or create a Google Analytics account. If you don’t want to set up Google Analytics, disable the toggle button, or click “Continue” and you will be taken to the project home page.

Choose an existing Google Analytics account or click “Create a new Account”.

Then select your Google Analytics location (the United States by default) and read and configure the sharing settings. Finally, accept the Google Analytics Terms of Use and create the project.

The process only takes a few seconds. When finished, click “Continue” and you will be taken to the project home page.

3. After creating your new project, click on the Settings menu and then select the Project Settings option. A new Project Settings page will open.

4. On the Project Settings page, go to the Cloud Messaging tab, where you will find your project credentials. Copy and save your Server Key and Sender ID as shown in the snapshot below.

5. Under Project Settings > General, you will find the other Firebase project credentials under web apps. You need to enter these credentials into the admin configuration.

Configuration Settings

After obtaining all the credentials, the admin needs to enter them in the configuration, as shown in the snapshot below:

module configuration

Customer End

For Registration

When a customer creates a new account, they enter their details.

Creating new Account

The customer has to allow the show-notifications popup; only then will the customer receive push notifications.

Then the customer will receive a pop-up notification on their device.

Then the customer will enter the received OTP.

For Customer Login

Now the customer will enter the login credentials, such as email and password, on the login page.

After allowing the show-notifications popup, the customer will receive a push notification, as shown in the snapshot below:

From the push notification, the customer will receive the one-time verification code, and by entering it, the customer can log in.

Send OTP Via TOTP/Authenticator

First, the admin needs to configure the module for TOTP/Authenticator.


Customer End

When a customer creates a new account, they enter their details.

Creating new Account

After entering the credentials, a popup showing a barcode appears. The customer can scan the barcode using the Google Authenticator application.

Once the customer scans the barcode, they will get the OTP.

By entering the OTP, the customer will register themselves to the Magento 2 Store.
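What the scanned barcode carries and how the 6-digit code is derived from it, as an added example that is not the extension's own code: it follows RFC 6238 (the TOTP standard that authenticator apps and the pragmarx/google2fa package installed above implement). The issuer name, account, 30-second step and ±1 step tolerance are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration of RFC 6238 TOTP; not the extension's code.
const B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';

function base32Decode(string $s): string
{
    $bits = '';
    foreach (str_split(rtrim(strtoupper($s), '=')) as $ch) {
        $pos = strpos(B32, $ch);
        if ($pos === false) { throw new InvalidArgumentException('bad base32'); }
        $bits .= str_pad(decbin($pos), 5, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 8) as $byte) {
        if (strlen($byte) === 8) { $out .= chr(bindec($byte)); }
    }
    return $out;
}

function totp(string $secretB32, int $time, int $step = 30, int $digits = 6): string
{
    $counter = pack('J', intdiv($time, $step));        // 8-byte big-endian counter
    $mac = hash_hmac('sha1', $counter, base32Decode($secretB32), true);
    $off = ord($mac[19]) & 0x0f;                        // dynamic truncation offset
    $bin = unpack('N', substr($mac, $off, 4))[1] & 0x7fffffff;
    return str_pad((string)($bin % 10 ** $digits), $digits, '0', STR_PAD_LEFT);
}

function verifyTotp(string $secretB32, string $code, int $now, int $window = 1): bool
{
    $ok = false;                                        // check every step, no early exit
    for ($i = -$window; $i <= $window; $i++) {
        $ok = hash_equals(totp($secretB32, $now + $i * 30), $code) || $ok;
    }
    return $ok;
}

function otpauthUri(string $issuer, string $account, string $secretB32): string
{
    return 'otpauth://totp/' . rawurlencode("$issuer:$account")
        . '?secret=' . $secretB32 . '&issuer=' . rawurlencode($issuer);
}

$secret = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';          // RFC 6238 test secret, base32
echo otpauthUri('Example Store', 'customer@example.com', $secret), PHP_EOL;
var_dump(verifyTotp($secret, totp($secret, time()), time()));
```

The secret in the barcode is the only thing protecting the second factor, so the enrolment page and any stored copy of the secret need the same care as a password.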

Account-verification

For Customer Login

If the admin has selected Send OTP Via TOTP/Authenticator on the configuration page, the customer enters the credentials on the login page.

The customer will get the OTP in Google Authenticator.

By entering the OTP, the customer will log in to the Magento 2 Store.

To update TOTP Authenticator App

To update the Authenticator App, the customer must log in to the Magento 2 Store.

Then the customer will navigate to Two-Step Authentication.

Then click on the Update button.

Enter the 6-digit OTP received on the authenticator. Then click on Submit.

Now, the customer scans the QR code from their authenticator.

Then enter the Auth Code and click on Verify.

The Authenticator App is successfully updated.

Login Via Backup Code

The customer can also log in with a backup code that is provided during registration.

Note: Backup codes are available to the customer during registration only if the admin enables them in the module configuration.

To enable it, the admin will configure the module.

Module configuration

Enable Login Using Backup Code:- Set the backup codes to yes.

The customer will get 12 backup codes during registration.

backup codes

The customer can save the backup codes. If the customer doesn’t have access to the auth code on the mobile phone or email, the customer can use a backup code to log in to the panel.

The customer also gets the backup codes at their registered email ID.

backup code

For Customer Login

During login, customers can choose the option to Sign In another way if they don’t have the OTP.

Now the customer will enter a backup code to log in to the Magento 2 store.

Each code can be used only once: after the customer has used a backup code, that backup code can’t be used again.

After entering the backup code the customer is successfully logged in to the Magento 2 store.
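One way to get the single-use behaviour described above, as an added example that is not the extension's own code: the codes are kept only as keyed hashes, compared in constant time, and removed on first use. The class name, the 10-character code format and the server-side key are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration, not the Webkul module's code. Codes live in memory here;
// a real store would persist the HMACs per customer.
final class BackupCodeStore
{
    /** @var string[] HMAC-SHA256 of each unused code; plaintext is never kept */
    private array $unused = [];

    public function __construct(private string $serverKey) {}

    /** Replace any old codes with $count new ones; plaintext is returned once. */
    public function generate(int $count = 12): array
    {
        $this->unused = [];
        $codes = [];
        for ($i = 0; $i < $count; $i++) {
            // 10 hex characters from the CSPRNG (the code format is an assumption)
            $codes[] = strtoupper(bin2hex(random_bytes(5)));
            $this->unused[] = $this->mac($codes[$i]);
        }
        return $codes;
    }

    /** True the first time a valid code is presented, false on any reuse. */
    public function redeem(string $input): bool
    {
        $candidate = $this->mac(strtoupper(trim($input)));
        foreach ($this->unused as $i => $stored) {
            if (hash_equals($stored, $candidate)) {   // constant-time compare
                unset($this->unused[$i]);             // consume: single use
                return true;
            }
        }
        return false;
    }

    public function remaining(): int { return count($this->unused); }

    private function mac(string $code): string
    {
        return hash_hmac('sha256', $code, $this->serverKey);
    }
}

$store = new BackupCodeStore(random_bytes(32)); // constructed demo key
$codes = $store->generate();                     // 12 codes, as in the guide
var_dump($store->redeem($codes[0]), $store->redeem($codes[0]), $store->remaining());
```

Because the guide also mails the codes to the customer, anyone with access to that mailbox holds a working second factor; regenerating the set invalidates every code issued before.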

Note: The customer can request the admin to generate the backup codes for the customer.

Admin Creating Backup code

If the customer has used all the backup codes, a notification message is shown.

To create backup codes for the customer, the store admin navigates to Customer -> All Customer -> Edit Customer -> Two Fact Auth.

Then click on the Generate button.

After clicking the Generate button, new backup codes are generated.

Support

So, that is all about the Magento 2 Two Factor Authentication extension. If you have any queries regarding the plugin, please get in touch with us at Webkul Support System.

Explore the Adobe Commerce Cloud development services by Webkul. You may also browse our quality Magento 2 extensions.

Current Product Version - 5.0.3

Supported Framework Version - 2.0.x, 2.1.x, 2.2.x, 2.3.x, 2.4.x

Blog Version - 2.0.x, 2.1.x, 2.2.x, 2.3.x, 2.4.x