Magento Commerce, 2.3.x

2FA

Stores > Settings > Configuration > Security > 2FA

General

Field Descriptions

Field

Scope

Description

Enable Two Factor Auth

Global

Indicates if two-factor authentication is enabled or disabled for the Magento Admin. If enabled, you should select and enable providers. For complete details, see Two-Factor Authentication. Options: Yes, No (default)

Force providers

Global

(Optional) Indicates the authentication providers you require for users. To allow users to select their own authenticator, do not select an option. If you select one or more, all selected authenticators are required to login. For complete details, see Two-Factor Authentication.

Google Authenticator

Field Descriptions

Field

Scope

Description

Enable this provider

Global

Indicates if the Google Authenticator authentication method is enabled or disabled for users. If enabled, configure with Google Authenticator configurations. For complete details, see Two-Factor Authentication. Options: Yes, No (default)

Enable "trust this device" option

Global

Indicates if the method will saved trusted devices, laptops, computers, tablets, etc. If enabled, as users complete authentication, a log saves for each entry. For details, see Managing Two-Factor Authentication for information on managing and revoking trusted devices per user account.

U2 Devices (Yubikey and others)

Field Descriptions

Field

Scope

Description

Enable this provider

Global

Indicates if the U2F Device authentication methods are enabled or disabled for users. If enabled, configure the options. For complete details, see Two-Factor Authentication. Options: Yes, No (default)

Enable "trust this device" option

Global

Indicates if the method will saved trusted devices, laptops, computers, tablets, etc. If enabled, as users complete authentication, a log saves for each entry. For details, see Managing Two-Factor Authentication for information on managing and revoking trusted devices per user account.

Duo Security

Field Descriptions

Field

Scope

Description

Enable Two Factor Auth

Global

Indicates if the Duo Security authentication method is enabled or disabled for users. If enabled, configure with Duo Security configurations. For complete details, see Two-Factor Authentication. Options: Yes, No (default)

Integration Key

Global

Indicates the integration key provided through your Duo Security account.

Secret Key

Global

Indicates the secret key provided through your Duo Security account.

API Hostname

Global

Indicates the APIApplication Program Interface: A software interface that lets third-party applications read and write to a system using programming language constructs or statements. hostname configured through your Duo Security account.

Authy

Field Descriptions

Field

Scope

Description

Enable this provider

Global

Indicates if the Authy authentication method is enabled or disabled for users. If enabled, configure with Authy configurations. For complete details, see Two-Factor Authentication. Options: Yes, No (default)

API Key

Global

Indicates the API key provided figured through your Authy account.

Enable "trust this device" option

Global

Indicates if the method will saved trusted devices, laptops, computers, tablets, etc. If enabled, as users complete authentication, a log saves for each entry. For details, see Managing Two-Factor Authentication for information on managing and revoking trusted devices per user account.

OneTouch Message Global Indicates the text message to send when requesting a OneTouch message. This message displays to the user through the Authy authenticator.