magenxcommerce / module-two-factor-auth
Two Factor Authentication module for Magento2
Installs: 2
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type:magento2-module
Requires
- php: ~7.3.0||~7.4.0
- 2tvenom/cborencode: ^1.0
- christian-riesen/base32: ^1.3
- donatj/phpuseragentparser: ~0.7
- endroid/qr-code: ^3.7
- magenxcommerce/framework: *
- magenxcommerce/magento-composer-installer: *
- magenxcommerce/module-authorization: *
- magenxcommerce/module-backend: *
- magenxcommerce/module-config: *
- magenxcommerce/module-integration: *
- magenxcommerce/module-store: *
- magenxcommerce/module-ui: *
- magenxcommerce/module-user: *
- phpseclib/phpseclib: 2.0.*
- spomky-labs/otphp: ^10.0
Replaces
- magento/module-two-factor-auth: *
This package is auto-updated.
Last update: 2024-10-22 11:24:56 UTC
README
MSP TwoFactorAuth
Two Factor Authentication module for maximum backend access protection in Magento 2.
Member of MSP Security Suite
See: https://github.com/magespecialist/m2-MSP_Security_Suite
Did you lock yourself out from Magento backend? click here.
Main features:
- Providers:
- Google authenticator
- QR code enroll
- Authy
- SMS
- Call
- Token
- One touch
- U2F keys (Yubico and others)
- Duo Security
- SMS
- Push notification
- Google authenticator
- Central security suite events logging
- Per user configuration
- Forced global 2FA configuration
Installing on Magento2:
1. Install using composer
From command line:
composer require msp/twofactorauth
2. Enable and configure from your Magento backend config
Enable from Store > Config > SecuritySuite > Two Factor Authentication.
3. Enable two factor authentication for your user
You can select among a set of different 2FA providers. Multiple concurrent providers are supported.
4. Subscribe / Configure your 2FA provider(s):
4.1 Google Authenticator example
4.2. Duo Security example
4.3. U2F key (Yubico and others) example
4.4. Authy example
Emergency commandline disable:
If you messed up with two factor authentication you can disable it from command-line:
php bin/magento msp:security:tfa:disable
This will disable two factor auth globally.
Emergency commandline reset:
If you need to manually reset one single user configuration (so you can restart configuration / subscription), type:
php bin/magento msp:security:tfa:reset <username> <provider>
e.g.:
php bin/magento msp:security:tfa:reset admin google
php bin/magento msp:security:tfa:reset admin u2fkey
php bin/magento msp:security:tfa:reset admin authy
Emergency of emergency and your house is on fire, your dog is lost and your wife doesn't love you anymore:
DO NOT ATTEMPT TO MODIFY ANY DB INFORMATION UNLESS YOU UNDERSTAND WHAT YOU ARE DOING
Table core_config_data
:
msp/twofactorauth/enabled
: Set to zero to disable 2fa globallymsp/twofactorauth/force_providers
: Delete this entry to remove forced providers option
Table msp_tfa_user_config
:
- Delete one user row to reset user's 2FA preference and configuration