Magento Commerce, 2.2.x
Managing Two-Factor Authentication

If a user has issues accessing the Magento AdminThe password-protected back office of your store where orders, catalog, content, and configurations are managed. with their authenticator, they can attempt to sync or troubleshoot their authenticator. You can also reset the authenticator associated with the account. When reset, the user must reconnect and add the authenticator again when they next access the Admin.

If you have issues accessing the Magento Admin with the authenticators, consider the following:

  • Some mobile apps include options to sync. This option reconnects the app and server, updating in case time settings changed on the device or server.
  • Revoking a device or resetting an authenticator can help users connect.
  • Clearing web cache and cookies for the Magento instance can also help. Authenticators, like Google, use generated cookies to save access and duration. Clear your cookies for your specific browser and Magento instance domainThe address of a website on the web; what the customer types in their browser address bar to access the store..
  • If you have blocked cookies for your browser, this will block some authenticators, like Google, from completing verification and access. Add a rule to allow cookies for your Magento instance.
Emergency CLI Commands

Use the following commands if you lose access to the Admin.

Advanced Emergency Steps

Do not attempt modifying any database information without full understanding of modifications and database management. This is an advanced procedure.

In your database, you can modify the following tables and values to affect and override 2FA. We advise caution when making any changes directly to your database.

  • Table: core_config_data
    msp/twofactorauth/enabled

    Set to zero to disable 2FA globally.

    msp/twofactorauth/force_providers

    Delete this entry to remove forced providers option.

  • Table: msp_tfa_user_config
    Delete one user row to reset the user's 2FA preference and configuration.