Two-factor authentication setup for user accounts
These instructions show how to set up two-factor authentication during your initial sign in to ÃÛ¶¹ÊÓƵ Commerce or Magento Open Source and how to authenticate your identity using the following apps and devices.
For complete instructions, see Admin Sign In.
Google Authenticator
Step 1: Set up Google Authenticator
-
Enter your account credentials and sign in to the Admin. A new authenticator screen appears with a QR code.
-
Open the Google Authenticator app on your mobile device.
-
Click the plus sign ( + ) to add an entry and line up the red box with the QR code to scan with the camera on your smart phone.
-
When your phone recognizes the QR code and adds an entry, enter that 6-digit code in the Admin Authenticator code field.
-
When complete, click Confirm.
{width="300"}
Step 2: Sign in with Google Authenticator
-
Enter your account credentials and sign in to the Commerce Admin.
{width="300"}
-
Open Google Authenticator on your mobile device.
-
When prompted, enter the six-digit authentication code.
-
To save the authentication for future logins, select the Trust this device, do not ask again checkbox.
-
When complete, click Confirm.
Duo Security
Duo offers a free trial, and charges according to the number of users that are associated with the account. Follow their .
Step 1: Set up Duo Security
-
Enter your account credentials and sign in to the Admin.
-
When the Duo Setup page appears, click Start setup and do the following:
{width="300"}
-
Select your device.
-
When prompted, enter your phone number and click Continue.
This example requests your phone number, because we are using a mobile device.
-
When prompted to install Duo Mobile for your phone type, click I have Duo Mobile.
-
Open Duo Mobile and scan the QR code to sync the authenticator with ÃÛ¶¹ÊÓƵ Commerce. A checkmark appears when the activation is complete.
-
To configure your settings for the device, choose the action that you want to take place when you sign in.
Ask me to choose an authenticator method
— Allows the user to select when logging in and authenticating in the Admin.Automatically send this device a Duo Push
— Sends a message to your device to accept or deny for access.Automatically call this device
— Calls and provides a passcode to enter for access.
{width="300"}
Step 2: Sign in with Duo Security
The following example shows the options for Ask me to choose an authenticator method
:
-
When prompted, enter your Admin credentials to sign in.
{width="300"}
-
Choose the method that you want to use to authenticate:
Send Me a Push
— Click to receive a push notice to Duo Mobile. Accept to authenticate.Call Me
— Click this option, receive a call with a code, and enter the pass code.Enter a Passcode
— Click this option to receive and enter a pass code.
-
Complete the push or code to fully sign in to the Admin.
Authy
Authy offers their app and service at no charge to users. Follow their instructions to download and set up the app for your device or browser. To learn more, see the .
Step 1: Set up Authy
-
Enter your account credentials and sign in to the Admin.
{width="300"}
-
When prompted to register yourself with Authy, do the following:
-
Select your country.
-
Enter your phone number.
-
Select the Verification method:
SMS
orCall Me
Click Continue. A message is sent to your phone through SMS text or a call.
-
-
Enter the verification code that you receive and click Verify.
-
When complete, click Confirm.
{width="300"}
Step 2: Sign in with Authy
-
Enter your account credentials and sign in to the Admin.
{width="300"}
-
Choose one of the following methods to authenticate:
Use one touch
— Sends an alert to your Authy app. In the app, accept the access.Use authy token
— Prompts to enter a code from your Authy app.
-
If you have trouble signing in, choose the method you want to use to receive the code. Then, enter the code that you receive to access the Admin.
The app includes these additional emergency methods.
Send me a code via SMS
— A text SMS message is sent to the configured mobile device.Send me a code via phone call
— The user receives a phone call with a code.
Your account is verified and opens.
U2F (Yubikey and other devices)
Follow the instructions from the solution provider to configure your U2F device. For more information, see the vendor documentation, such as by Yubico.
-
Enter your account credentials and sign in to the Admin.
{width="300"}
-
Press the button on the key.
Authentication immediately triggers and opens the Admin.
-
Insert the U2F key into a USB port on your computer.