Secure your Commerce account
Two-factor Authentication (TFA or 2FA) is an added layer of security to better protect your Commerce account from unauthorized access. To complete the login process, TFA requires a second factor in addition to the standard username and password credentials. This second factor takes the form of temporary verification codes that are continuously generated by a TFA application installed on your mobile device and paired with your Commerce account.
With TFA enabled, your account is more secure. An unauthorized user cannot log in unless they have both your username and password credentials (first factor) and a valid verification code from the TFA application on your personal device (second factor).
Before you begin
To use TFA, you must have a TFA application installed on your personal device (such as your smartphone, tablet, computer). There are many available, but some popular and free options include:
-
Google Authenticator (iOS, Android™, BlackBerry®)
-
Authy (iOS, Androidâ„¢)
-
Microsoft® Authenticator (iOS, Android™, Windows Phone)
Enable two-factor authentication
-
Log in to your .
-
In the left navigation pane, select Account Settings, and then select Two-factor Authentication.
{width="600" modal="regular"}
-
Select Enable to begin the two-factor authentication setup process.
-
Enter the Verification Code sent to your email and select Verify Code to continue.
{width="400"}
-
Open the two-factor authentication application you downloaded and installed on your personal device.
-
On the SETUP TWO-FACTOR AUTHENTICATION form, use the Setup Code to add ÃÛ¶¹ÊÓƵ Commerce to your TFA application.
{width="400"}
You can add the code by scanning the QR code using the TFA application, or by manually entering it. This code pairs your TFA application with your Commerce account and enables the permissions to generate the TFA app to generate verification codes for secure account access.
-
Complete the setup.
-
On the SETUP TWO FACTOR-AUTHENTICATION form, enter the verification code from your two-factor authentication application.
-
Select Verify Code.
note note NOTE For security, the verification codes in your TFA application continuously expire and regenerate. Always use the code that is currently displayed. -
-
Save the Recovery Codes presented in a safe and accessible place.
{width="400"}
If you cannot provide a verification code when you log in to your Commerce account, you must use a recovery code to regain account access.
Each recovery code can be used only one time, but you can generate new ones. Recovery codes are case-sensitive.
-
Select the confirmation checkbox and select Submit to continue.
-
To ensure that you can recover access to your account, enter a Recovery Email.
This email address is needed if you cannot generate a verification code from your two-factor authentication application and you do not have access to an unused pre-generated recovery code.
Once every 24 hours, you can generate and send a temporary recovery code to your designated recovery email address. Use this code to regain account access.
note important IMPORTANT Maintain access to your recovery email account. Otherwise, you cannot use temporary recovery codes sent to that account. {width="400"}
-
Select the confirmation checkbox and select Submit to complete the two-factor authentication setup process.
-
A notification is sent to the email address associated with your Commerce account to confirm that you have successfully enabled two-factor authentication.
-
A notification is sent to your recovery email account to confirm the configuration.
-
Log in using a verification code
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Enter the Verification Code displayed in your two-factor authentication application when prompted.
{width="600"}
-
Select Submit to complete the login process.
Log in using a recovery code
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Select Use recovery code to bypass the verification code prompt.
-
Enter an unused Recovery Code when prompted.
{width="600"}
-
Select Submit to complete the login process.
Log in using your recovery email
-
Log in to your .
-
Enter your username and password credentials, and then select Login.
-
Select Use recovery code to bypass the verification code prompt.
-
To get a temporary recovery code through email, select the recovery email link.
{width="600"}
-
Open your recovery email account to get the temporary code, and then enter the code in the designated fields.
-
Select Submit to complete the login process.
After using a temporary recovery code to access your account, generate new recovery codes and save them to prevent further account access issues.
View your recovery codes
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Complete the login process using one of the two-factor authentication methods described earlier.
-
In the left navigation pane, select Account Settings, and then select Two-factor Authentication.
{width="600" modal="regular"}
-
To view your pre-generated recovery codes, select View Recovery Codes.
-
Enter the Verification Code sent to your email and select Verify Code to continue.
{width="400"}
-
Save the Recovery Codes presented in a safe and accessible place.
If you cannot provide a verification code to log in to your Commerce account, using a recovery code is the only way to regain account access.
Each recovery code is one-time use only, but you can always generate new ones. Recovery codes are case-sensitive.
{width="400"}
-
Select the confirmation checkbox and select Submit to close the dialog.
Generate new recovery codes
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Complete the login process using one of the two-factor authentication methods described earlier.
-
In the left navigation pane, select Account Settings, and then select Two-factor Authentication.
-
To generate new pre-generated Recovery Codes, select Generate New Recovery Codes.
-
Enter the Verification Code sent to your email and select Verify Code to continue.
-
Save the Recovery Codes presented in a safe and accessible place.
If you cannot provide a verification code when you log in to your Commerce account, using a recovery code is the only way to regain account access.
All previously generated recovery codes are now rendered invalid and should be discarded (only the current set of generated recovery codes are functional). Recovery codes are case-sensitive.
-
Select the confirmation checkbox and select Submit to close the dialog.
Change your recovery email
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Complete the login process using one of the two-factor authentication methods described earlier.
-
In the left navigation pane, select Account Settings, and then select Two-factor Authentication.
-
Select Change Recovery Email to change the recovery email on file for your account.
-
Enter the Verification Code sent to your email and select Verify Code to continue.
-
To help ensure that you can recover access to your account, enter a Recovery Email.
This email address is needed if you cannot generate a verification code from your two-factor authentication application and you do not have access to an unused pre-generated recovery code.
Once every 24 hours, you can generate and send a temporary recovery code to your designated recovery email address. You can use this code to regain account access.
note important IMPORTANT Maintain access to your recovery email account. Otherwise, you cannot use temporary recovery codes sent to that account. -
Select the confirmation checkbox and select Submit to close the dialog.
The system sends an email notification to the recovery email that you designated to confirm that particular email address is on file as your recovery email for receiving temporary recovery codes.
Change your two-factor authentication application
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Complete the login process using one of the two-factor authentication methods described earlier.
-
In the left navigation pane, select Account Settings, and then select Two-factor Authentication.
-
Select Change TFA Application to use a different TFA application with your magento.com account.
-
Enter the Verification Code sent to your email and select Verify Code to continue.
-
Open the two-factor authentication application on your personal device.
-
Enter the Setup Code into your two-factor authentication application.
You can add the code by scanning the QR code using the TFA application, or manually entering it. This code pairs your TFA application with your Commerce account and enables the permissions for the TFA app to generate verification codes for secure account access.
note note NOTE For security, the verification codes in your TFA application continuously expire and regenerate. Always use the code that is currently displayed. -
With your TFA application now paired with your Commerce account, enter the Verification Code displayed in your TFA application and select Verify Code to continue.
-
Save the Recovery Codes presented in a safe and accessible place.
If you cannot provide a verification code when you log in to your Commerce account, the only way to regain account access is to use a recovery code.
Each recovery code is one-time use only, but you can always generate new ones. Recovery codes are case-sensitive. Recovery codes are case-sensitive.
-
Select the checkbox to confirm and select Submit to continue.
-
To help ensure that you can recover access to your account, enter a Recovery Email.
This email address is needed if you cannot generate a verification code from your two-factor authentication application and you do not have access to an unused pre-generated recovery code.
Once every 24 hours, you can generate and send a temporary recovery code to your designated recovery email address. Use this code to regain account access.
note important IMPORTANT Maintain access to your recovery email account. Otherwise, you cannot use temporary recovery codes sent to that account. -
Select the confirmation checkbox and select Submit to complete the two-factor authentication setup process.
An email notification is sent to the recovery email that you designated to confirm that particular email address is on file as your recovery email for receiving a temporary recovery code.
Disable two-factor authentication
-
Go to the Commerce .
-
Enter your username and password credentials, and then select Login.
-
Complete the login process using one of the two-factor authentication methods described earlier.
-
In the left navigation pane, select Account Settings and select Two-factor Authentication underneath.
-
Select Disable to begin the TFA deactivation process.
-
Enter the Verification Code sent to your email and select Verify Code to continue.
-
Select the confirmation checkbox and select Submit to complete the deactivation for two-factor authentication.
The system sends an email confirmation indicating that TFA has been disabled on your Commerce account.
{width="400"}