How to Enable Two-Factor Authentication in Adobe Commerce (Magento)

How to Enable Two-Factor Authentication

Two-factor authentication (2FA) is a critical security feature that adds an additional layer of protection to your Adobe Commerce (formerly Magento) store by requiring users to provide two forms of identification. Here’s a comprehensive guide to enable and configure 2FA in Adobe Commerce.

Step 1: Prerequisites

Before enabling 2FA, ensure the following:

• Your Adobe Commerce version supports 2FA (usually versions 2.4 and later)
• You have administrative access to the store’s backend
• A 2FA app is installed on your smartphone (e.g., Google Authenticator, Authy)

Step 2: Access the Admin Panel

1. Log in to your Adobe Commerce Admin panel with your credentials
2. Navigate to Stores > Settings > Configuration

Step 3: Locate the 2FA Module

In the configuration menu:

• Go to Security > 2FA
• Ensure the “Enable Two-Factor Authentication” option is set to Yes

Step 4: Configure Providers

Adobe Commerce supports multiple 2FA providers, including:

• Google Authenticator
• Duo Security
• Authy

1. To set up a provider:
2. Select your desired provider under the Providers section
3. Configure the required settings specific to the provider:
   • For Google Authenticator, scan the QR code displayed using your authentication app
   • For Duo Security, follow Duo’s integration steps to register your site
4. Save your settings

Step 5: Enable 2FA for Admin Users

1. Go to System > Permissions > All Users
2. Edit the profile of each admin user who requires 2FA
3. In the user settings, confirm that the 2FA requirement is enabled

Step 6: Test the 2FA Configuration

1. Log out of the Admin panel
2. Log back in using your credentials
3. When prompted, use your 2FA app to generate a one-time code
4. Enter the code to complete the login

Step 7: Troubleshooting

If you encounter issues during setup:

• Verify that your server’s time is synced correctly, as 2FA codes are time-sensitive
• Check for compatibility issues with extensions that might conflict with the 2FA module
• Refer to the Adobe Commerce documentation for provider-specific instructions

Step 8: Educate Users

Train your team on 2FA, including:

• How to set up their authentication app
• Steps to follow if their device is lost or unavailable

Conclusion

Enabling 2FA in Adobe Commerce enhances your store’s security and helps protect sensitive customer and business data. Regularly monitor your security settings to ensure they remain up-to-date.