Two Factor AuthenticationGitHub
What is Sentry?
The Sentry Two-Factor Authentication module is a free, open source extension for the Magento eCommerce platform. When activated, the extension will require two-factor authentication for all administrative users. This greatly enhances security by protecting against compromised user passwords, which represent the most common type of online security breach.
How it Works
- Google Authenticator Application (free)
- Duo Security (free for 10 users or fewer)
- Available on Android, iOS, Windows Phone and Blackberry
- Easy installation and administration
- Open Source
- Created and actively maintained in partnership between Human Element and Nexcess.net
- Extensive logging to help fulfill PCI requirements
You can download the extension from the Magento Connect Marketplace. Once downloaded, install it on your Magento site with the Direct File Upload option in your system’s Magento Connect Manager. It is recommended to disable the Magento compiler before installation. Should you wish to use modman, a modman configuration file is included.
Attention: If you see a 404 error when trying to access the Sentry administrator control panel, try logging out and then back into your administrator account.
Important! Locking Down the Magento Connect Downloader
Due to the system architecture of Magento, the Magento Connect downloader lies outside the protection provided by this plugin. It is critically important to protect the downloader from unauthorized access, as it is a common target for security breaches. For this reason, restricting the /downloader directory access to only a few trusted IP addresses is highly recommended. Implementation will vary by web host - contacting support is wise.
The extension is compatible with the following versions of Magento:
- Magento Enterprise 1.14, 1.13, 1.12, 1.11
- Magento Community 1.9, 1.8, 1.7, 1.6