Enable multi-factor authentication (MFA) to increase security and meet compliance requirements. When enabled, users logging in from a new device will be required to enter a code sent to their email address. The email can be customized in System Settings > System Emails > Email Verification Code.
β
Admin View
To enable multi-factor login, navigate to System Settings > System Features.
Click Edit.
Select Require Multi-Factor for Admins or All Users and click Save.
β
Front-End Experience
Now when admins login, they'll be greeted with the usual admin login page. If they select "remember me," then they will not be asked to complete the MFA Challenge again for 2 weeks. This is on a sliding expiration, so if an admin logs in again in that 2 week period, then the timer will be reset to be 2 weeks again from that point. Another important consideration is that this is cookie based, so if you clear your cookies, it will remove your pre-authorization.
Once the admin has selected Login, they will be prompted to enter the code from their email: