Two-factor authentication (2FA) is a process in which the user must verify the account through an additional method after authenticating with the login information. It enhances account security because a username and password alone are no longer enough to log in to the site. Additional authentication methods involve verifying the account using a phone or email account.
We will be using an existing plugin to implement two-factor authentication with the use of email verification as the second authentication method.
We need to install the Two-Factor extension. Use the following steps to install and activate the plugin:
- Log in to the dashboard as an administrator.
- Click Extensions | Add.
- Look for Two-Factor in the Find Extensions field.
- Once the plugins are listed, click on the Install button.
- Click the Activate button to activate the plugin.
- Now you are ready to begin.
Log in to the dashboard as the user for whom you want to activate 2FA. You can use an administrator or non-administrator user.
If you have selected the administrator user, click the Your Profile menu item under the Users menu item in the left menu. If you have selected a non-administrator user, click on the Profile menu item in the left menu.
Scroll down to the Account Management section to see a screen similar to the following:
- Select one of the options from the Two-Factor Options setting using the checkbox in the Enabled column. In this case, we select the Email option.
- Select the radio button in the main column to make the option the main option.
- Click the Update Profile button to update the profile with your two-factor settings.
The 2FA method is now configured specifically for this user.
Log out of the site. You will be redirected to the login screen.
Enter your username and password and click the Login button to log into the site. You will get a screen similar to the following:
Log in to the email account that was used to register your user account and search for the email. Copy the code and go to the previous screen, which displays the verification code entry form. Paste the code and click the Submit button.
You will now be logged in to your site. Instead of the normal login, we now go through a two-step process with additional verification.
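The server-side checks an emailed verification code needs in a login flow like the one above, as an added example that is not the Two-Factor plugin's code. The class name, the 8-digit code length, the 15-minute lifetime and the three-attempt cap are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 15 * 60   # assumed lifetime of an emailed code, in seconds
MAX_ATTEMPTS = 3     # assumed number of wrong guesses before the code is voided


class EmailSecondFactor:
    """In-memory model of an emailed one-time code checked after the password step."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user -> [sha256(code), expires_at, attempts_left]

    @staticmethod
    def _digest(code):
        return hashlib.sha256(code.encode()).digest()

    def issue(self, user):
        """Create a fresh 8-digit code; the caller emails it to the address on file."""
        code = f"{secrets.randbelow(10**8):08d}"  # CSPRNG, not the random module
        # Keep only a digest server-side, never the plaintext code.
        self._pending[user] = [self._digest(code), self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code

    def verify(self, user, submitted):
        """Return True once for the correct, unexpired code; False otherwise."""
        entry = self._pending.get(user)
        if entry is None:
            return False                      # no password step happened for this user
        digest, expires_at, attempts_left = entry
        if self._clock() > expires_at:
            del self._pending[user]           # expired: the user must log in again
            return False
        # Constant-time comparison of the stored and submitted digests.
        if hmac.compare_digest(digest, self._digest(submitted.strip())):
            del self._pending[user]           # single use: a replayed code is rejected
            return True
        entry[2] = attempts_left - 1
        if entry[2] <= 0:
            del self._pending[user]           # too many wrong guesses: void the code
        return False
```

A correct code is accepted once; an expired code, a replayed code, or a code submitted after three wrong guesses is rejected and the user has to start the login again.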