ÃÛ¶¹ÊÓƵ

Two-factor authentication setup for user accounts

These instructions show how to set up two-factor authentication during your initial sign in to ÃÛ¶¹ÊÓƵ Commerce or Magento Open Source and how to authenticate your identity using the following apps and devices.

For complete instructions, see Admin Sign In.

NOTE
Stores that have enabled ÃÛ¶¹ÊÓƵ Identity Management Services (IMS) authentication have native ÃÛ¶¹ÊÓƵ Commerce and Magento Open Source 2FA disabled. Admin users who are logged into their Commerce instance with their ÃÛ¶¹ÊÓƵ credentials do not need to reauthenticate for many Admin tasks. Authentication is handled by ÃÛ¶¹ÊÓƵ IMS when the Admin user logs into their current session. See ÃÛ¶¹ÊÓƵ Identity Management Service (IMS) Integration Overview.

Google Authenticator

Step 1: Set up Google Authenticator

  1. Enter your account credentials and sign in to the Admin. A new authenticator screen appears with a QR code.

  2. Open the Google Authenticator app on your mobile device.

  3. Click the plus sign ( + ) to add an entry and line up the red box with the QR code to scan with the camera on your smart phone.

  4. When your phone recognizes the QR code and adds an entry, enter that 6-digit code in the Admin Authenticator code field.

  5. When complete, click Confirm.

    Google Authenticator QR code {width="300"}

Step 2: Sign in with Google Authenticator

  1. Enter your account credentials and sign in to the Commerce Admin.

    Google Authenticator - signin {width="300"}

  2. Open Google Authenticator on your mobile device.

  3. When prompted, enter the six-digit authentication code.

  4. To save the authentication for future logins, select the Trust this device, do not ask again checkbox.

  5. When complete, click Confirm.

Duo Security

Duo offers a free trial, and charges according to the number of users that are associated with the account. Follow their .

Step 1: Set up Duo Security

  1. Enter your account credentials and sign in to the Admin.

  2. When the Duo Setup page appears, click Start setup and do the following:

    Example storefront - Duo setup {width="300"}

  3. Select your device.

  4. When prompted, enter your phone number and click Continue.

    This example requests your phone number, because we are using a mobile device.

  5. When prompted to install Duo Mobile for your phone type, click I have Duo Mobile.

  6. Open Duo Mobile and scan the QR code to sync the authenticator with ÃÛ¶¹ÊÓƵ Commerce. A checkmark appears when the activation is complete.

  7. To configure your settings for the device, choose the action that you want to take place when you sign in.

    • Ask me to choose an authenticator method — Allows the user to select when logging in and authenticating in the Admin.
    • Automatically send this device a Duo Push — Sends a message to your device to accept or deny for access.
    • Automatically call this device — Calls and provides a passcode to enter for access.

    Duo verification actions {width="300"}

Step 2: Sign in with Duo Security

The following example shows the options for Ask me to choose an authenticator method:

  1. When prompted, enter your Admin credentials to sign in.

    Duo - signin {width="300"}

  2. Choose the method that you want to use to authenticate:

    • Send Me a Push — Click to receive a push notice to Duo Mobile. Accept to authenticate.
    • Call Me — Click this option, receive a call with a code, and enter the pass code.
    • Enter a Passcode — Click this option to receive and enter a pass code.
  3. Complete the push or code to fully sign in to the Admin.

Authy

Authy offers their app and service at no charge to users. Follow their instructions to download and set up the app for your device or browser. To learn more, see the .

Step 1: Set up Authy

  1. Enter your account credentials and sign in to the Admin.

    Authy registration {width="300"}

  2. When prompted to register yourself with Authy, do the following:

    • Select your country.

    • Enter your phone number.

    • Select the Verification method: SMS or Call Me

    Click Continue. A message is sent to your phone through SMS text or a call.

  3. Enter the verification code that you receive and click Verify.

  4. When complete, click Confirm.

    Authy verification code {width="300"}

Step 2: Sign in with Authy

  1. Enter your account credentials and sign in to the Admin.

    Authy - signin {width="300"}

  2. Choose one of the following methods to authenticate:

    • Use one touch — Sends an alert to your Authy app. In the app, accept the access.
    • Use authy token — Prompts to enter a code from your Authy app.
  3. If you have trouble signing in, choose the method you want to use to receive the code. Then, enter the code that you receive to access the Admin.

    The app includes these additional emergency methods.

    • Send me a code via SMS — A text SMS message is sent to the configured mobile device.
    • Send me a code via phone call — The user receives a phone call with a code.

    Your account is verified and opens.

U2F (Yubikey and other devices)

Follow the instructions from the solution provider to configure your U2F device. For more information, see the vendor documentation, such as by Yubico.

  1. Enter your account credentials and sign in to the Admin.

    U2F key access {width="300"}

  2. Press the button on the key.

    Authentication immediately triggers and opens the Admin.

  3. Insert the U2F key into a USB port on your computer.

recommendation-more-help
d3c62084-5181-43fb-bba6-1feb2fcc3ec1