two-factor authentication

Magento 2.4 introduced two-factor authentication (2FA) by default to strengthen the security of admin accounts. This is because two-factor authentication adds an extra layer of protection by requiring a password and a one-time verification code when logging into the Magento admin interface. This article will show how it works and why it’s a security benefit.

How does two-factor authentication work in Magento 2.4?

When you install or update Magento 2.4, you will notice that a validation message appears the first time you log in to the admin panel. This message will first ask you to verify your email address. Then, you must follow a set of steps to log in. Here are some of the steps you need to take.

You will find two-factor authentication by default on Magento 2.4.

When installing Magento 2.4 and above, two-factor authentication is enabled by default. Indeed, administrators do not have the option to disable two-tier authentication. However, if you wish, you can run the commands below in the command lines.

Workaround 1:

 PHP bin/magento config:set twofactorauth/general/enable 0

Option 2:

 php bin/magento msp:security:tfa:disable

Option 3:

 bin/magento module:disable Magento_TwoFactorAuth
 bin/magento cache:flush

Choosing a 2FA Provider

Magento 2.4 supports multiple two-factor authentication providers, such as

  • Google Authenticator,
  • auth,
  • Duo Security
  • and U2F.

Administrators can choose the provider they prefer and configure the settings accordingly. These solutions are usually available as mobile applications. Indeed, you can, for example, download Duo Security on PlayStore and install it for free on your mobile.

Configuration

To set up two-factor authentication, administrators must link their account to the chosen authenticator app by scanning a QR code or entering a secret key. Once paired, the app will generate unique verification codes for the report.

Login

Users must provide their username and password when logging into the Magento admin interface. After entering this information, they will be prompted for a unique verification code from their two-factor authentication app.

Successful authentication

Once you enter the validation code, the app will validate its correctness. In summary, two-factor authentication in Magento 2.4 adds an extra layer of security by requiring a unique verification code upon login, which makes administrator accounts harder to compromise. Administrators can choose from several two-factor authentication providers and configure settings according to their preferences.

What are the benefits of two-tier authentication?

Two-tier or two-factor authentication (2FA) offers numerous benefits regarding online account security and protection. Here are some of the main advantages of two-tier authentication:

Enhanced security

Two-tier authentication adds an extra layer of protection by requiring two separate credentials. This makes it harder for hackers to access accounts using only stolen credentials.

Phishing Protection

Phishing attempts are often aimed at obtaining passwords and other sensitive information. Two-tier authentication then helps protect against these attacks by requiring additional proof of identity, such as a single verification code, which is typically sent to a trusted device.

Reduced risk of identity theft

The unique and temporary verification codes used in two-tier authentication make identity theft more difficult, as hackers need access to both authentication factors to compromise an account.

Unauthorized Login Attempt Alerts

If a person tries to log in to an account protected by two-tier authentication, the account owner will usually receive a notification with the unique verification code. This alert can thus serve as an early warning signal in the event of an unauthorized connection attempt.

Regulatory compliance

Several industries and regulations, such as the GDPR, impose enhanced security measures to protect sensitive data. As a result, two-tier authentication can help organizations comply with these requirements by providing enhanced security for user and administrator accounts.

Peace of mind

With two-tier authentication, users and businesses can rest assured that their accounts and information are more protected from online threats.

In conclusion

To always offer its users a safe solution, Magento has anticipated some rather interesting measures. In addition, if you need assistance in implementing security measures for your organization, contact us.