After July 2021, the 2.3.x release line no longer received quality updates or user guide updates. PHP 7.3 reached end of support in December 2021, and Adobe Commerce 2.3.x reached end of support in September 2022. We strongly recommend upgrading to Adobe Commerce 2.4.x to help maintain PCI compliance.

2FA

This site contains archived merchant documentation for a version of Adobe Commerce and Magento Open Source that has reached end-of-support. The documentation available here is intended for historical reference only and is not maintained. The Adobe Commerce Merchant Documentation for current releases is published on the Adobe Experience League.

Stores > Settings > Configuration > Security > 2FA

General

Field	Scope	Description
Enable Two Factor Auth	Global	Indicates if two-factor authentication is enabled or disabled for the Magento Admin. If enabled, you should select and enable providers. For complete details, see Two-Factor Authentication. Options: Yes / No (default)
Force providers	Global	(Optional) Indicates the authentication providers you require for users. To allow users to select their own authenticator, do not select an option. If you select one or more, all selected authenticators are required to login. For complete details, see Two-Factor Authentication.

Google Authenticator

Google Authenticator

Field	Scope	Description
Enable this provider	Global	Indicates if the Google Authenticator authentication method is enabled or disabled for users. If enabled, configure with Google Authenticator configurations. For complete details, see Two-Factor Authentication. Options: Yes / No (default)
Enable “trust this device” option	Global	Indicates if the method will saved trusted devices, laptops, computers, tablets, etc. If enabled, as users complete authentication, a log saves for each entry. See Managing Two-Factor Authentication for information about managing and revoking trusted devices per user account.

U2 Devices (Yubikey and others)

Field	Scope	Description
Enable this provider	Global	Indicates if the U2F Device authentication methods are enabled or disabled for users. If enabled, configure the options. For complete details, see Two-Factor Authentication. Options: Yes / No (default)
Enable “trust this device” option	Global	Indicates if the method will saved trusted devices, laptops, computers, tablets, etc. If enabled, as users complete authentication, a log saves for each entry. See Managing Two-Factor Authentication for information about managing and revoking trusted devices per user account.

Duo Security

Field	Scope	Description
Enable Two Factor Auth	Global	Indicates if the Duo Security authentication method is enabled or disabled for users. If enabled, configure with Duo Security configurations. For complete details, see Two-Factor Authentication. Options: Yes / No (default)
Integration Key	Global	Indicates the integration key provided through your Duo Security account.
Secret Key	Global	Indicates the secret key provided through your Duo Security account.
API Hostname	Global	Indicates the API hostname configured through your Duo Security account.

Authy

Field	Scope	Description
Enable this provider	Global	Indicates if the Authy authentication method is enabled or disabled for users. If enabled, configure with Authy configurations. For complete details, see Two-Factor Authentication. Options: Yes / No (default)
API Key	Global	Indicates the API key provided figured through your Authy account.
Enable “trust this device” option	Global	Indicates if the method will saved trusted devices, laptops, computers, tablets, etc. If enabled, as users complete authentication, a log saves for each entry. See Managing Two-Factor Authentication for information about managing and revoking trusted devices per user account.
OneTouch Message	Global	Indicates the text message to send when requesting a OneTouch message. This message displays to the user through the Authy authenticator.