TFA Two Factor Authentication

Two Factor Authentication Extension for Magento 2

Server Time

It's extremely important that you keep your server time in sync with some NTP server.

Installation

For clients

There are several ways to install extension for clients:

1. If you've bought the product at Magento's Marketplace - use Marketplace installation instructions
2. Otherwise, you have two options:
   • Install the sources directly from our repository - recommended
   • Download archive and use manual installation

For developers

Use this approach if you have access to our private repositories!

Run the following commands:

cd <magento_root>
composer config repositories.swissup composer https://docs.swissuplabs.com/packages/
composer require swissup/tfa --prefer-source --ignore-platform-reqs
bin/magento module:enable Swissup_Core Swissup_Tfa
bin/magento setup:upgrade

• TFA must be enabled by the individual user by clicking 'Account Setting(user)' in the Magento 2 admin panel.
• Once there, the user is able to enable the two factor authentication and view the QR code for a Google Authenticator compatible application.
• Users with TFA enabled will not be able to log into the admin panel without a valid authentication code input on the Magento 2 admin login page.
• Users with TFA disabled can leave the 'Authenticator Code' field blank during login.

Activating the extension

• Open your admin user account settins at System > Permisions > All Users > Your User > Tab "Two Factor Authentication"

• Scan QR code with Google Authenticator application using your smartphone.

• Insert the key you've got on your mobile device into the verification key field.

• That's all. You've enabled the protection for that admin user. Try logout and login with verification key. Please notice that key is got refreshed every 30 seconds. In case you have not enabled the protection for some users, the verification key will be ignored for those users.

Google Authenticator Apps:

To use the two factor authentication, your user will have to install a Google Authenticator compatible app, those are some of the currently available:

• Authy for iOS, Android, Chrome, OS X
• FreeOTP for iOS, Android and Pebble
• Google Authenticator for iOS
• Google Authenticator for Android
• Google Authenticator (port) on Windows Store
• Microsoft Authenticator for Windows Phone
• LastPass Authenticator for iOS, Android, OS X, Windows
• 1Password for iOS, Android, OS X, Windows

Console Commands

TFA can be disabled using console commands if needed:

List TFA status For All Admin Users

php bin/magento swissup:tfa:list

Disable TFA For Single Admin User (by email)

php bin/magento swissup:tfa:disable admin@example.com