How to improve secure access to your website

joomlaTwo-factor authentication for Joomla has been around since 2013. It requires you to log on with a username and password, and then provide an additional method of authentication, typically via an app on your mobile phone. This article describes how to set it up.

Install phone app

You will need a TOTP Authentication application on your phone. I used TOTPAuthentication for my iPhone, but there are other alternatives.


Joomla configuration

Start by logging in to the back-end of your Joomla site with Super Admin account. Always create a full backup before making changes that might affect access to your website.

  1. Go to Extensions > Plugins.
    1. Enable the Two-Factor Authentication - Google Authenticator plugin.
    2. Decide whether you want it for front-end, back-end or both.
  2. Go to Users > Manage.
  3. Open your user account for editing.
  4. Select the Two-factor Authentication tab.
  5. For the Authentication method select Google Authenticator from the drop-down.
  6. Using your phone app, scan the QR code, and enter the code from your phone.
  7. Make a copy of the One time emergency passwords that get created on successful configuration of two-factor authentication.

Next time you log on with this user account, you will need to enter the additional code created on your phone app. Please note that any user that doesn't enable two-factor authentication will still be able to access your website with just their username and password.


Thanks for visiting.