XTENTO is a Magento Technology Partner
Enhanced Admin Security: Two-Factor Authentication

Two-Factor Authentication

4 Customer Reviews +
Enhanced Admin Security: Two-Factor Authentication 5 out of 5 based on 4 user reviews
Protect your Magento backend against unauthorized logins and fraudsters today! Because passwords just aren't enough.

Fearing someone could log into your Magento store to download all your orders, customers and other sensitive data? Fearing hackers and the consequences after getting hacked? Fear no more!

Using the Two-Factor Authentication extension by XTENTO, additional security information will be required when logging into the Magento backend. Besides the username and the password, a so called security code (a one-time password (OTP), see screenshot) will be required to log in. The security code gets generated by your smartphone (the second factor). Each security code can be used once only and is valid for 30 seconds only.

Add to Cart$69 Installation & Configuration Service

 Compatibility

Community Edition
Compatible with 1.2.x.x - 1.9.x.x
Professional Edition
Compatible with 1.8.x.x - 1.11.x.x
Enterprise Edition
Compatible with 1.7.x.x - 1.14.x.x
Just turn on your smartphone - open the Authenticator application - and you'll immediately see the security code required to log in, valid for the next 30 seconds only. It's really easy, but the increase in security is immense.

As long as you've got your phone, this will ensure only YOU are able to login, and nobody else. No other person is able to generate the security code as it's generated using a unique secret key only known to your phone. You can't log in if you don't have the security code. You can't log in if you don't have the password. You always need the password and the security code to log in. This makes it almost impossible for hackers to log into your Magento backend.

Setting up Two-Factor Authentication for an adminstrator in Magento is easy: Just go to the Users section in the Magento backend, click Create secret key and scan the barcode using the Authenticator application. That's it! Your account is now protected against unauthorized logins.

Get the Two-Factor Authentication extension now to protect against today's threats without the hassle and cost of yesterday's technology.

New feature! Disable Two-Factor Authentication for known IP addresses: Simply enter the IP addresses you don't want to use Two-Factor Authentication for in the Magento admin. This especially makes sense if you've got a static IP address and don't want to enter your secret key when logging in from a known and trustworthy IP address.

More Details

This extension is compatible with every iPhone (iOS 3.1+), iPad, iPod touch, Android (1.5+) and BlackBerry (OS 4.5-6.0) smartphone. The extension uses the free open-source Google Authenticator application to generate the security code required to log in.

Before your purchase, please make sure your device is able to run the Authenticator application.

Android: Open the Android Market and search for Google Authenticator
iPhone/iPad/iTouch: Visit the App Store and search for Google Authenticator
BlackBerry: Visit http://m.google.com/authenticator on your BlackBerry

Screenshots:

Magento Backend Login
Backend Login

iPhone Application (Screen 1: Security code generation; Screen 2 & 3: Setting up the code, required once only - Click to zoom)
iPhone iPhone iPhone

Additional Information
The secret key will only be saved on your smartphone. Neither XTENTO nor Google will be able to recover it. The magic all happens on your device.

If you ever lose your smartphone, be sure to create a new key in the Two-Factor Authentication section under 'Users' in Magento so no one is able to log in using your smartphone.

This extension does not guarantee a 100% protection against hackers. If someone hacks your FTP server, they will be able to disable the security code login, but if that ever happens, they'd be able to download your database anyways without Magento backend access.

If you have any questions regarding this module, please don't hesitate to contact us.

Frequently Asked Questions & Support
More information about this extension and answers for frequently asked questions can be found in our Support Wiki.

Configure & Add to Cart$69
  • Excellent Extension

    Two factor is a must for protecting your back end administration from snooping and prying eye. After researching for two factor extensions, we decided to give Xtento Two-Factor Authentication a try. The installation comes with intuitive installation...

    Magento Store Owner 1.8.01
  • Another excellent extension

    We set this up in a matter of minutes and the only difficulty I had was with Google Authenticator on my Blackberry. For the other users, who had Apple and Android phones, this was very easy to set up. Having used Xtento for another extension and...

    Mark
  • Really an increase in securit..

    This extension really gives us a feeling of security. We got hacked last year because of a lost password. All our customer data was stolen. We are pretty sure now this isn't possible anymore - they'd need to have my iPhone as well to log in. Easy...

    Thomas S.
Read 1 other reviews...

Extension Information

Current Version: 1.0.4

Last Updated: October 19, 2014


Developer Information / Rewrites / Events
View Changelog