For coders TYPO3 Tech Corner

Published at 16. February 2023

2FA: Google Authenticator for TYPO3

Since TYPO3 11, two-factor authentication (2FA) has already been included to further secure the login to the backend. Maybe the configuration is a bit hidden. We'll show you how to activate them.

Setup per backend user

This is how quickly every backend user can independently activate and set up 2FA for the Google Authenticator and many other multi-factor authentication services:

1) After logging into the backend, you can simply click on your username. There you have to switch to the "Account security" tab. Then click the "Manage multi-factor authentication" button.

Google Authenticator in TYPO3 - Step 1 — Picture: Step 1

2) Select the green button "+ Setup" at "Time-based one-time password".

Google Authenticator in TYPO3 - Step 2 — Picture: Step 2

3) From here just follow the instructions
a) Scan the QR code with the Google Authenticator app
b) Enter a name in the backend for "Step 2".
c) Enter the current 6-digit code from the Google Authenticator app in "Step 3".
d) Then save

Google Authenticator in TYPO3 — Picture: Step 3

Tips and configuration

If you want to force 2FA for your backend users, you can easily do this with an AdditionalConfiguration.php:

# Enforce for all backend users
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 1;

# Enforce for non-admin backend users only
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 2;

# Enforce for admin backend users only
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 3;

If you only want to activate 2FA for a special user group, you can do this via User TSConfig:

# User TSConfig
auth.mfa.required = 1

When for some special reason you need the exact opposite. So you don't want to offer 2FA for your backend users. Then the option can also be completely deactivated in the user profile:

# User TSConfig
setup.fields.mfaProviders.disabled = 1

How to add own 2FA service into TYPO3 is explained in the official documentation.

Back

"Code faster, look at the time" - does this sound familiar to you?

How about time and respect for code quality? Working in a team? Automated tests?

Join us

Menu comparison: Numbers, numbers, numbers

Go to news

Drop-down menu without load - using multilevel cache

Go to news

Menu: Comparison of techniques

What about performance when a menu gets bigger in TYPO3? We have looked at various ways of generating a drop-down menu.

Go to news

AI and ChatGPT for TYPO3 development

Do you already use AI like ChatGPT in your daily work with TYPO3? We have published a special GPT for you that can help you.

Go to news

TYPO3: Manually update SOLR index in PHP?

Have you ever wanted to update the SOLR index live? Maybe if records are changed in the frontend or if - as in our case - the nightly import updates records in TYPO3? We'll quickly show you how it...

Go to news

Please stop using switch/case in PHP

Since PHP 8 there is a type-safe alternative to switch statements that is also easier to write. We'll show you how easy it is.

Go to news

Cheap emergency servers for universities and colleges in case of a hack

LUX - TYPO3 Marketing Automation

Selfhosted Webserver

For coders TYPO3 Tech Corner

2FA: Google Authenticator for TYPO3

Since TYPO3 11, two-factor authentication (2FA) has already been included to further secure the login to the backend. Maybe the configuration is a bit hidden. We'll show you how to activate them.

Setup per backend user

Tips and configuration

"Code faster, look at the time" - does this sound familiar to you?

Menu comparison: Numbers, numbers, numbers

Drop-down menu without load - using multilevel cache

Menu: Comparison of techniques

AI and ChatGPT for TYPO3 development

TYPO3: Manually update SOLR index in PHP?

Please stop using switch/case in PHP