Magento Two-Factor Authentication will protect your store from insecure Internet connections (wifi, mobile), key loggers, and more. Every time you login into your Web site there is a chance that someone is sniffing or logging the password, which can later be used to login to your store and wreak havoc. You can protect your store from these attacks by using our advanced Magento Two-Factor Authentication, which uses Google authenticator and your smart phone in order to authenticate your admin session.
Note: This list is not an complete list of features. Please try the demo to see this extension in action.
- Secure Login to your Magento Backend
With our Two-Factor System you will need to enter a time-based passcode when logging into Magento. This passcode changes every 30 seconds, so even if someone knows your password, they will not be able to login to your backend.
- Rate Limit Login Attempts
Limit the number of allowed attempts for a given IP address in order to prevent brute force attacks against your admin panel.
- Secure Against Advanced Connection Sniffing
With most time-based passcodes it is possible to login if your user credentials / passcode can be sniffed and entered within 30 seconds. With our secure setup we only allow a passcode to be used once, so even if both your password / passcode are sniffed they will not be able to be used for login.
- Secure Against Key Logging
If you login from a computer that is logging keyboard input, then your password is at risk. With Two-Factor Authentication it will not matter if your password is stolen as the attacker will also need to know your time-based passcode, which changes every 30 seconds and can only be used successfully once before it expires.
- Logging of Login Attempts
Failed login attempts including IP address, time, passcode used, etc are logged so that you may review if someone is trying to brute force your login system.
- IP Address White Listing for Verification Code New!
Some IP addresses (such as the office IP) may be trusted and not require entering the verification code. This is easy to accomplish with our flexible IP white list rules.
- Flexibility in Authentication Requirements
Each admin account can have various levels of security requirements. You can set an account to require a password only, a passcode only, or both the password and passcode. This way you can use one account when logging in from trusted networks and use another admin account when logging in from untrusted networks.
Risk-free purchase30-day moneyback guarantee. We are that confident in the quality of our software.
Plug-in-play solutionsExtensions are extensively tested, easy to install, and configure. No need to edit the code yourself.
Future-proof softwareWe constantly release updates that add new features and increase usability and performance. You can even get updates for free.
Outstanding supportOur support is quick, friendly, and offers useful guidance. Customer satisfaction is our #1 goal.
Zero bug policyWe hate bugs as much as you do. We oftentimes release bug fixes on the same day of discovery. We are expert exterminators.
Simple licensing structureWe license by edition and installation. We don't license by number of customers, stores, products, or anything complicated.
Long term strategyWe have been developing for Magento for 3 years. We love the platform and the community and will continue to develop for Magento for years to come.