Search Results :

×

OTP Over SMS Two Factor Authentication (2FA) for Magento - Complete Setup Guide

Setup OTP Over SMS 2FA - Two Factor Authentication for Magento 2. This step by step comprehensive setup guide will help you to configure OTP over SMS as Two Factor Authentication ( 2FA ) method for your Magento 2 store admins (Backend Users) and customers (Frontend Users). 2FA Extension for Magento 2 by miniOrange allows you to setup an additional layer of authentication in addition to the standard login and password verification method (2FA).
This step by step complete setup guide will help you setup and configure OTP Over SMS (Login into Magento Using Mobile OTP) 2FA Method for your Magento 2 store. Secure your store with 15+ Authentication Methods to choose from along with advance features like Role based 2FA, Different 2FA methods for multiple sites, Skip 2FA & Remember My Device, IP specific 2FA (Whitelisting IP Address) and more.

To know more about other features we provide in Magento 2 2FA (Two Factor Authentication), you can click here.

Youtube-color Created with Sketch.

Magento 2FA - Two Factor Authentication Setup Video Setup Video.


  • Purchase the miniOrange Magento 2FA Two Factor Authentication extension from magento marketplace.
  • On the marketplace dashboard select My profile > My purchases and note the module_name & version.
  • Then again go to My Profile > Access Keys in the marketplace dashboard and note the access keys. (If you do not have an access key, simply click the "Create A New Access Key" button to generate one).
  • Use the below command in command prompt to add the extension to your project.
  • "composer require miniorange_inc/miniorange-2fa"
  • Use Public key as username and private key as password for verification which you will get from access keys.
  • Run the following commands on command prompt to enable the extension.
  • php bin/magento setup:di:compile
    php bin/magento setup:upgrade
  • Download miniOrange Two Factor Authentication Free plugin zip from here.
  • Unzip all contents of the zip inside the MiniOrange/Two_FA directory.
  • {Root Directory of Magento} app code MiniOrange Two_FA
  • Run the following commands on command prompt to enable the plugin
  • php bin/magento setup:di:compile
    php bin/magento setup:upgrade

Step-by-Step Guide for Configuring OTP Over SMS Two Factor Authentication into Magento

  • Navigate to 2FA Settings tab and select Customer 2FA to setup 2FA for customers.

  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Select the Site and Customer Group on which you would like to enable the OTP Over SMS Method.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Enable OTP Over SMS option and click on Add Rule button.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Go to Customer Login page and login with your username and password.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • After entering their login credentials, users are required to verify by entering the OTP sent to their registered phone number to access to your Magento store.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

    Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Navigate to 2FA Settings tab and select Admin 2FA to setup 2FA for admins.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Select the Admin Role on which you would like to enable the OTP Over SMS Method.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Enable OTP Over SMS option and click on Add Rule button.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Go to Admin Login page and login with your username and password.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • After entering their login credentials, admins are required to verify by entering the OTP sent to their registered phone number to access to your Magento store.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

    Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Users who have successfully configured 2FA are recorded in User Management tab.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Admin can disable and reset the 2FA method for frontend and backend users who want to skip 2FA or incase they are locked out.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2 - OTP Over SMS

  • Click on the checkbox infront of the user and click on Disable or Reset option to perform the required settings.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • 2FA will now be disabled or restored for the selected users.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • Select the Email Gateway Configuration in the custom Gateway tab.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Enter the Hostname, Port, Username and Password as required.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • You can customize Sender's Email and Sender's Name as required.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • You can customize OTP Length and Email Template to be sent to the user according to your requirments.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • To test the settings you can send a test email to the desired email address.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • Select the SMS Gateway Configuration in the custom Gateway tab.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Select your API Provider from the dropdown menu.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Enter the detials required as requested for each API provider.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • You can customize OTP Length and SMS Template to be sent to the user according to your requirments.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • To test the settings you can send a test sms to the desired phone number.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • Enable the Popup Customization from the provided toogle button.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Modify the Background Color, Text Color, Button color and Popup Color as required and click on Save. You can see the login form is now customized accordingly.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • Enabling this option activates the "Remember Device" feature. Trusted devices bypass the second factor (e.g., OTP) on subsequent logins, allowing access with just a username and password.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • You can also set a limit onNumber of devices that can be remembered and Device Remember Period
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Frontend users can now see Remember My Device option while logging in via 2FA. Once enabled the device will skip the 2FA for selected period of time.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • Enabling this option will provide customers with the "Remind me later" feature. Customers can bypass the second factor (e.g., OTP) for a specified number of days, allowing access using only their username and password.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • You can also select Number of Days to allow your frontend users to bypass 2FA for selected period of time.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • Frontend users can now see Remind Me Later option while logging in via 2FA. Once enabled the device will skip the 2FA for selected period of time.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • This allows the admins to control access using IP Whitelisting and IP Blacklisting.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • IP Whitelist allows admin to Skip 2FA for the desired IP address and the user can login using only their username and password.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • IP Blacklist allows admin to restirct assess from specific IP address preventing unathorized users from log in.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

    Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


  • Enabling this option will require customers to complete Two-Factor Authentication (2FA) during the registration process, ensuring they verify their identity before creating an account.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

  • When a users registers with a New Account they will be required to verify using the available or selected 2FA methods.
  • Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2

    Magento 2FA - Magento 2 Two Factor Authentication - 2FA for Magento 2


Please reach out to us at magentosupport@xecurify.com, and our team will assist you with setting up the Magento 2FA Extension. Our team will help you to select the best suitable solution/plan as per your requirement.

ADFS_sso ×
Hello there!

Need Help? We are right here!

support