Magento 2.4 version comes with various features and improvements to make your e-commerce experience better in every aspect. To prevent unauthorized access to your data, anyone who attempts to sign in to the Admin of your Magento installation must complete a second step to verify their identity. With Magento Two-Factor Authentication (2FA) in the Magento 2.4 version, your security is well protected since it requires two-step authentication to access the Magento Admin UI from all devices.
Today, we will help you understand these fascinating terms. Also, there will be a solution to Magento Two-Factor Authentication requirement for Admin login. Read on to find out!
Overview of Magento 2.4
The Magento 2.4 version was released on July 28, 2020. According to Magento, this version provides merchants with capabilities to help them capture new opportunities in the commerce environment and prepare for the future ahead. The Magento 2.4 release consists of 98 new features, 50 security changes, 68 bug fixes, 7 test cycles, 12 packages and extensions, and support for PHP 7.4.
Apart from those, you can also leverage:
- 2FA security for Magento 2 admin panel
- PWA development
- Purchase approval workflows
- Seller assisted shopping
- New media gallery
- In-store pickup
- Headless commerce
What is Magento Two-Factor Authentication?
The Magento Admin provides you with access to your store, orders as well as customer data. This implementation of Magento Two-Factor Authentication applies to the Admin only and is not available for customer accounts. The feature is widely used, and you may have several access codes for different websites. For example, the Google Authenticator app on your phone can generate codes for your store’s Admin, your Magento account, your Google account, and more.
2FA allows you to specify which authentication providers from the Admin are supported. Users can manage and configure authenticator settings globally or per user account. Additionally, they can also reset authenticators for users.
Solution to Magento 2FA requirement for Admin login
For Magento 2.4, the default two-factor authentication is available. The instructions for installing Magento Two-Factor Authentication are as follows:
- Connect your server through the SSH Terminal
- Navigate to your Magento store’s root directory
- Run the following composer command: composer require MSP_TwoFactorAuth
- Run the below commands
- By running the following commands, you will purge the Magento 2 cache
Magento Two-Factor Authentication supports multiple providers. There are 4 types of authenticators that you can configure for the Magento store:
- Google Authenticator
- U2F Devices (Yukikey and others)
- Duo Security
It is a must to select at least one authenticator per user account, or you can implement one authenticator globally for all accounts as well. Plus, it is recommended to install one authenticator for the admin panel to avoid using input tokens separately for each one.
Below are steps to configure your supported 2FA provider:
- On the Admin sidebar, go to Stores > Settings > Configuration
- Select 2FA under Security
- In the General section, select each Provider to use
- Save the configuration
When you want to configure 2FA to proceed to the Admin area, an email will be sent to you for further instructions. However, if you run Magento 2.4 on an on-premises system that is not configured for email sending, you can choose to disable Magento Two-Factor Authentication.
To wrap up
We hope that this article has helped you get an overview of Magento Two-Factor Authentication and the solution to its requirement for Admin login. Visit our blog now for more updates!