Managing Two-Factor Authentication

Users who are unable to sign in to the Admin with two-factor authentication (2FA) can try to sync or troubleshoot the problem. You can also reset the authenticator associated with the account. When reset, the user must sign in again and reconfigure the authenticator.

If you have trouble signing in with 2FA, consider the following:

  • Some mobile apps include options to sync. This option reconnects the app and server, and synchronizes the time settings on the device and server.
  • Revoking a device or resetting an authenticator can help users connect.
  • Clearing web cache and cookies for the Magento instance can also help. Authenticators, like Google, use generated cookies to save access and duration. Clear your cookies for your specific browser and Magento instance domain.
  • Blocking cookies prevents some authenticators, such as Google Authenticator, from completing the verification process. Add a rule to your browser that allows cookies for your Magento instance.

To reset authenticators from the command line and more advanced troubleshooting information, see Two-Factor Authentication in the Magento developer documentation.

Reset authenticators per user account

To reset 2FA providers for other users, you must be an administrator or have custom permission under Stores > Settings > Configuration > Two Factor Auth. To learn more, see User Roles.

  1. On the Admin sidebar, go to Stores > Settings > All Users.

  2. Select the user and open the account in edit mode.

  3. Scroll down to the Current User Identity Verification section and enter Your Password.

  4. In the left panel, click 2FA.

  5. In the Configuration reset section, click Reset [provider]. When prompted, click OK to confirm.

    If the user wants to restore the 2FA solution to their account, it must be reconfigured from the Sign On page.

  6. When complete, click Save User.

    User account - 2FA Enable 2FA for User