msp/twofactorauth 2.0.1

Two Factor Authentication module for Magento2 - Member of MageSpecialist SecuritySuite

Type

magento2-module

License

OSL 3.0

Requires
Requires (dev)

None

Suggests
Provides

None

Conflicts

None

Replaces

None

MSP TwoFactorAuth

Two Factor Authentication module for maximum backend access protection in Magento 2.

Member of MSP Security Suite

See: https://github.com/magespecialist/m2-MSP_Security_Suite

Did you lock yourself out from Magento backend? click here.

Main features:

  • Providers:
    • Google authenticator
      • QR code enroll
    • Authy
      • SMS
      • Call
      • Token
      • One touch
    • U2F keys (Yubico and others)
    • Duo Security
      • SMS
      • Push notification
  • Trusted devices
    • High security rolling codes
  • Trusted devices revoke list
  • Central security suite events logging
  • Per user configuration
  • Forced global 2FA configuration

Installing on Magento2:

1. Install using composer

From command line:

composer require msp/twofactorauth

2. Enable and configure from your Magento backend config

Enable from Store > Config > SecuritySuite > Two Factor Authentication.

3. Enable two factor authentication for your user

You can select between a set of different 2FA providers. Multiple concurrent providers are supported.

4. Subscribe / Configure your 2FA provider(s):

4.1 Google Authenticator example

4.2. Duo Security example

4.3. U2F key (Yubico and others) example

4.4. Authy example

Emergency commandline disable:

If you messed up with two factor authentication you can disable it from command-line:

php bin/magento msp:security:tfa:disable

If you need to manually reset one single user configuration (so you can restart configuration / subscription), type:

php bin/magento msp:security:tfa:reset <username> <provider>

e.g.:

php bin/magento msp:security:tfa:reset admin google php bin/magento msp:security:tfa:reset admin u2fkey php bin/magento msp:security:tfa:reset admin authy

This will disable two factor auth globally.