Magento implement Two-Factor Authentication to keep hackers away

By Lauren Fruncillo July 19, 2020 - 6:56 pm

Magento have recently implemented Two-Factor Authentication for accounts after the shift towards working remotely has caused an increase in hacking threats.

Magento have always been efficient in their application of security, and they are now supporting the use of 2FA to protect digital storefronts against attacks that target the account login. According to Magento using 2FA security will better protect their merchants from malicious users attempting to perform unauthorized logins in three different areas: accounts, Cloud Admin, and the Magento Admin.

2FA FOR MAGENTO.COM ACCOUNTS – When logging into services you will be able to use Two-Factor Authentication. To enable it log into My Account and navigate to Two-Factor Authentication under the Account Settings menu.

2FA FOR CLOUD ADMIN VIA SSH – 2FA will also be available for Magento Commerce hosted in the cloud using SSH to prevent unauthorized users from accessing the servers. This will be released in the Magento Commerce 2.4 update but must be turned on. When 2FA is enforced, normal SSH key access to a project will no longer function for that user. Instead, a certifier must be used. The certifier is a remote component that allows a user to exchange an access token (the same type of tokens used in the Project UI, the CLI, etc.). The tokens are short-lived SSH certificates that replace the common public/private key exchange.

2FA FOR MAGENTO ADMIN – Adobe security operations found that malicious users were accessing compromised admin accounts to load card skimmers on the site. 2FA has been applied to Magento Admin to help reduce these kinds of attacks by providing an extra layer of authentication. In the release of Magento Commerce 2.4 2FA will be enabled by default for the Magento Admin and cannot be disabled.

Comments are closed.

Featured in this article from the Tamebay Guide – companies that can help you grow and manage your business.


Magento is a modern cloud eCommerce platform. Magento extends beyond the shopping cart for every shoppable experience, including email, mobile, in-store, and more

See More Companies >

Recent Comments

14 hours ago
Toby: 'As a responsible vendor, eBay are now requiring you to pop a disclaimer in listings...
14 hours ago
Mark Pearson: Hopefully it will help them to stop losing so many of our parcels. Their...
15 hours ago
Chris Dawson: RT you are so right! :D...
16 hours ago
Rt: Back in the day this thread would have gone viral With all sorts of views on...