Contact us

For coders TYPO3 Tech Corner

2FA: Google Authenticator for TYPO3

2FA: Google Authenticator for TYPO3

Since TYPO3 11, two-factor authentication (2FA) has already been included to further secure the login to the backend. Maybe the configuration is a bit hidden. We'll show you how to activate them.

Setup per backend user

This is how quickly every backend user can independently activate and set up 2FA for the Google Authenticator and many other multi-factor authentication services:

1) After logging into the backend, you can simply click on your username. There you have to switch to the "Account security" tab. Then click the "Manage multi-factor authentication" button.

Google Authenticator in TYPO3 - Step 1
Picture: Step 1

2) Select the green button "+ Setup" at "Time-based one-time password".

Google Authenticator in TYPO3 - Step 2
Picture: Step 2

3) From here just follow the instructions
a) Scan the QR code with the Google Authenticator app
b) Enter a name in the backend for "Step 2".
c) Enter the current 6-digit code from the Google Authenticator app in "Step 3".
d) Then save

Google Authenticator in TYPO3
Picture: Step 3

Tips and configuration

If you want to force 2FA for your backend users, you can easily do this with an AdditionalConfiguration.php:

# Enforce for all backend users
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 1;

# Enforce for non-admin backend users only
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 2;

# Enforce for admin backend users only
$GLOBALS['TYPO3_CONF_VARS']['BE']['requireMfa'] = 3;

If you only want to activate 2FA for a special user group, you can do this via User TSConfig:

# User TSConfig
auth.mfa.required = 1

When for some special reason you need the exact opposite. So you don't want to offer 2FA for your backend users. Then the option can also be completely deactivated in the user profile:

# User TSConfig
setup.fields.mfaProviders.disabled = 1

How to add own 2FA service into TYPO3 is explained in the official documentation.

Show all news

"Code faster, look at the time" - does this sound familiar to you?

How about time and respect for code quality? Working in a team? Automated tests?

Join us

Lesson cancellation - and now? New portal for the Bavarian school system.

For the Bavarian school system, we developed a new web app based on an existing but very outdated portal. The portal reports lesson cancellations throughout Bavaria and registered users are informed...

Go to news

SQL: Show all tables sorted by size in descending order

Lately I've been using the SQL command more often to find out which tables in the TYPO3 database are the largest. I've published the snippet once.

Go to news

TYPO3 12 with CKEditor 5: Styles in a single selection

If you set a link in the RTE in TYPO3, you may have to choose between different link classes, for example to create buttons in the frontend. What's new in TYPO3 12 is that you can select not just one...

Go to news

Null-Safe Operator in the TYPO3 area

With the introduction of PHP8, problems with undefined arrays or variables in general can arise in many places. Here are a few examples and simple solutions.

Go to news

Delete the first/last lines of a (SQL) file

There isn't much to say about the following commands. Sometimes it can be useful to delete the first (or last) X lines from a file. And if the file is too large to open with a conventional program, a...

Go to news

b13/container: Add and modify child elements in edit view

Unlike gridelements, you cannot manage the child elements in the B13 Container extension when you open the container in the editing view. I would be happy to show you how you can quickly install this...

Go to news