Contact us
2FA: Google Authenticator for TYPO3

2FA: Google Authenticator for TYPO3

Since TYPO3 11, two-factor authentication (2FA) has already been included to further secure the login to the backend. Maybe the configuration is a bit hidden. We'll show you how to activate them.

Setup per backend user

This is how quickly every backend user can independently activate and set up 2FA for the Google Authenticator and many other multi-factor authentication services:

1) After logging into the backend, you can simply click on your username. There you have to switch to the "Account security" tab. Then click the "Manage multi-factor authentication" button.

Google Authenticator in TYPO3 - Step 1
Picture: Step 1

2) Select the green button "+ Setup" at "Time-based one-time password".

Google Authenticator in TYPO3 - Step 2
Picture: Step 2

3) From here just follow the instructions
a) Scan the QR code with the Google Authenticator app
b) Enter a name in the backend for "Step 2".
c) Enter the current 6-digit code from the Google Authenticator app in "Step 3".
d) Then save

Google Authenticator in TYPO3
Picture: Step 3

Tips and configuration

If you want to force 2FA for your backend users, you can easily do this with an AdditionalConfiguration.php:

# Enforce for all backend users
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 1;

# Enforce for non-admin backend users only
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 2;

# Enforce for admin backend users only
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 3;

If you only want to activate 2FA for a special user group, you can do this via User TSConfig:

# User TSConfig
auth.mfa.required = 1

When for some special reason you need the exact opposite. So you don't want to offer 2FA for your backend users. Then the option can also be completely deactivated in the user profile:

# User TSConfig
setup.fields.mfaProviders.disabled = 1

How to add own 2FA service into TYPO3 is explained in the official documentation.

Show all news

TYPO3: Finding unused files in fileadmin

Do you want to delete unused or orphaned files in fileadmin or another storage location? Unfortunately, there's no direct core functionality for this. But a small command in your site package can...

Go to news

TYPO3: Editors with individual user_upload folders

Perhaps you're familiar with this client requirement? Editors should be able to add videos using the "Add media by URL" button. But the files shouldn't be located in fileadmin/user_upload/, but rather...

Go to news

TYPO3: Finding pages in mixed mode

In TYPO3, Mixed Mode refers to translated pages that contain content only partially related to the corresponding content in the main language. This is indicated in the backend by an error message. But...

Go to news

Extbase Extensions: Think extensibility with data, site and language

Today, I have a small request for the TYPO3 extension authors out there: Make sure your extensions are extensible. This will also promote the distribution of the corresponding plugins.

Go to news

SQL: Show all tables sorted by size in descending order

Lately I've been using the SQL command more often to find out which tables in the TYPO3 database are the largest. I've published the snippet once.

Go to news

TYPO3 12 with CKEditor 5: Styles in a single selection

If you set a link in the RTE in TYPO3, you may have to choose between different link classes, for example to create buttons in the frontend. What's new in TYPO3 12 is that you can select not just one...

Go to news