Skip to main content
Version: 2023.3

Two Factor Authentication

since build 256

Pimcore has an integrated two factor authentication using the Google Authenticator (Android, iOS)

User Setup

By default every user can enable or disable their two factor authentication freely in the profile settings. SettingsSettingsSettings (Settings -> My Profile)

After enabling it a secret will be generated and you can setup your Google Authenticator App.

Please be aware if you don't setup the App properly you will loose access to your account!

2fasetup2fasetup2fasetup

After reloading you will be prompt to enter the verification code for the first time.

2falogin2falogin2falogin

Admin Setup

It is also possible to force users to use two factor authentication. This can be done in the Users menu by checking 'Two Factor Authentication required'. SettingsSettingsSettings (Settings -> Users / Roles -> Users)

2farequired2farequired2farequired

If this is enabled the user will have to setup two factor authentication and cannot disable it anymore.

Config

If you want to change the default name / description that is displayed in the app you can do this by overwriting the following config:

 scheb_two_factor:
google:
server_name: Pimcore # Server name used in QR code
issuer: Pimcore 2 Factor Authentication # Issuer name used in QR code

SettingsSettingsSettings