nopCommerce Two-Factor Authentication (2FA) – Microsoft Authenticator

nopCommerce Two-Factor Authentication (2FA) plugin adds an extra layer of authentication, making your nopCommerce stores more secure. Two-factor authentication, or 2FA, is another name for this sort of MFA, which improves the security of your nopCommerce websites. To protect sensitive data, you must verify that the users attempting to access it are who they say they are. With 2FA, it is possible to protect user passwords and accounts against security threats such as phishing, brute-force attacks, credential exploitation, and others. Role-based 2FA, Domain-based 2FA, IP whitelisting, Customizable KBA questions, Reset 2FA method, Customizable Email and SMS template, Configure Your Own SMS and Email Gateway, and other features are available through the nopCommerce Two Factor Authentication (TFA) plugin. Follow the step-by-step guide to configure nopCommerce 2FA using Microsoft Authenticator.

1. Download & Installation

• Download the nopCommerce Two-Factor Authentication (2FA) plugin.
• Extract the zip file, you can find the plugin install files for different nopCommerce versions.
• To install the plugin, login as admin into your nopCommerce site or store. In the admin dashboard, navigate to Configuration Tab >> Local plugins.
• On the top right corner of the page select the Upload plugin or theme button. Upload the 2FA plugin install file compatible with your nopCommerce site from the extracted plugin folder. Follow the instructions further to install the plugin.

2. Configure Microsoft Authenticator

• Enable two-factor authentication for users as indicated in the image below. All users will have 2FA enabled except the administrator.
• To enable 2FA for administrators, toggle the 2FA for Admins.

• In the App Authenticator click on Configure.

• To set up nopCommerce two-factor authentication with Microsoft Authenticator, click on Configure.

• Scan the QR code generated. You can also use the secret key as an alternative.
• Enter the passcode and click on Verify.

• The configured tag shows that the Microsoft Authenticator has been successfully configured.
• Enable the toggle to activate Microsoft authentication method for your nopCommerce store.

3. Test Microsoft Authenticator on nopCommerce Login

• Login into your nopCommerce store.

• Click on Next to proceed.

• Click on Setup to configure Microsoft Authenticator for nopCommerce.

• Scan the QR code or use the secret key to setup the Microsoft Authenticator.
• Enter the code from Microsoft Authenticator and click on Verify.

• Enter the passcode from your Microsoft Authenticator to confirm your identity.

• You have successfully used two-factor authentication (2FA) to log into your nopCommerce store.

Additional Resources

• Two Factor Authentication (2FA) for ASP.NET
• Two Factor Authentication (2FA) for nopCommerce
• Two Factor Authentication (2FA) for Umbraco