How to Add Two Factor Authentication to Miva for Admin: The Fastest and Easiest Solution October 26, 2018at 19:41 pm By: James Byrne After Dark Grafx Get Ready for Miva Merchant upgrade to 9.12 With the new release of Miva 9.12 they will now require two factor authentication. This should be done before the release in the next few weeks. Even though you have an email account for all admins that sends a verification code to login. You will now be prompted for an additional login method via Two Factor Authentication. In order to enable two factor authorization on Miva, you will need to: A) Login to Miva and Select the Admin User B) Put a checkbox next to the Miva Admin Account C) Select the TWO FACTOR AUTHENTICATION tab at the top of the accounts D) Select one of the two factor methods below. Two Factor authorization works like this. You login to your account with your username and password. You are then presented with another screen to enter a code, token or authorization method in order to access the account. Explanation of Two Factor Options: (Descriptions below taken from within the Miva Admin) 1) Time-Based One-Time Password (TOTP) ((select this one to make it easier and the one we explain below) Description: A Time-Based One-Time Password (TOTP) is a temporary passcode generated by an algorithm. With the current time used as one of its factors in calculation, the algorithm can ensure that each generated passcode is unique. In order to use this form of two-factor authentication, you will need to download an application (usually on a mobile device, but also available on most desktop operating systems) that will generate a code and display it when you are signing in to your admin account. The process for signing in to the administrative interface is as follows: Sign in to the administrative interface with your normal username and password credentials When prompted, enter the One-Time Password generated via your TOTP application (e.g. Google Authenticator) 2) YubiCloud + Yubico OTP (means you need a physical device plugged into your computer) Description Yubico OTP uses pre-configured YubiKeys to authenticate via the YubiCloud Authentication service. This method of two-factor authentication requires the use of a YubiKey that supports YubiCloud Authentication during sign in. A few benefits of using YubiCloud include requiring a device (the YubiKey) to be present during login and unique, secure 128-bit AES encrypted one-time passwords with counters to identify and prevent replay attacks. The process for signing in to the administrative interface is as follows: Sign in to the administrative interface with your normal username and password credentials When prompted, insert your YubiKey into your computer’s USB port Press the button on your YubiKey This is a stronger, more secure solution. 3) WebAuthn/U2F Description WebAuthn is a W3C standard that will allow for multiple forms of single-sign-on and two-factor authentication. Miva’s implementation of WebAuthn used U2F Authentication, which is two-factor only, and will require the use of a FIDO/U2F certified device. Browser support for WebAuthn is currently very limited, and will require you to log in using only browsers that currently support the standard. The process for signing in to the administrative interface is as follows: Sign in to the administrative interface with your normal username and password credentials When prompted, provide your two-factor authentication credentials via the supported U2F device ———————————————————– – Read the Full Miva Article Here on How To Set Up Two Factor Authentication on Miva Merchant RECOMMENDED SOLUTION TO GET STARTED FAST! How to Add Two Factor Authentication to Miva for Admin Users: The Fastest and Easiest Solution I am going to cover How To Add Google Authenticator to Google Chrome Browser to allow you to login via TOTP Time-Based One-Time Password (TOTP) A) Login to Miva and Select the Admin User B) Put a checkbox next to the Miva account admin that you would like to add and select the two factor authentication tab at the top C) Select Time-Based One-Time Password (TOTP) In the Miva Documentation above for this setup it references the Google Authenticator but doesn’t explain how to use it. Here is one method below. You can search for apps that run on your phone or mobile devices as well. You will need to run this extension each time you login to Miva. OTP (Google Authenticator) Setup and Configuration Time-based One Time Password or TOTP is the most popular method of Two-Factor Authentication. This involves using an app such as Google Authenticator (BELOW) to generate a unique 6 digit password each time you login. Requirements: To use TOTP you’ll need an app such as Google Authenticator, Authy or a browser plugin to handle to TOTP flow. Steps to setup in Miva Edit User and Select Manage Two-Factor Authentication Choose Time-Based One-Time Password from the Drop down On the next screen, scan the QR code or enter in the text string below the QR code into your Google Authenticator (or similar) app (HOW TO BELOW). Once done, enter in the 6 digit code generated from the App into Miva and click enable. COPY THE CODE BELOW THE QR CODE ABOVE for the next section. HOW TO INSTALL GOOGLE AUTHENTICATOR IN CHROME DESKTOP 1) Using Google Chrome, open a new tab or window and go to: https://chrome.google.com/webstore/detail/gauth-authenticator/ilgcnhelpchnceeipipijaljkblbcobl?hl=en 2) Download and Install the Extension 3) Click on the EXTENSION icon (should be in the top of your browser as a little G and it will send you to the extension website to enter your token) 4) Click on the PENCIL top right of the browser 5) Click on the ADD button – bottom left 6) Enter a user or website you want as the name to be referenced for the account access 7) Enter the token from the Miva Admin Page with the QR code that you copied above. 7) It will generate a code for you to enter into your Miva Admin below the QR CODE and token that is displayed. You could always use BACKUP TOKENS later to login but it is better habit to use the GAuthenticator Extension. Go back to the Miva Admin and enter this code below the token 8) Select Enable 9) You will now see a list of BACKUP CODES, download them and store them in safe place. I would print them and delete them from the computer to be safe. 10) Select NEXT and CONGRATULATIONS! You are now setup with two-factor authentication! Now you have to do this for each of the admins on your site. Sign In Instructions Sign in to the administrative interface with your normal username and password credentials When prompted, enter the One-Time Password generated via your TOTP application (e.g. Google Authenticator) You will need to select the Chrome Extension GAuthenticator and click on the new code that it creates and enter that for the two factor code to work. If you are unsure of how to do this or it sounds too technical, please contact us . We offer this service via a screen share to help set this up on your browser at our hourly rate. Yes, you will need to use Google Chrome to login to your admin and to use the extension mentioned above each time you login. Using a backup code To use a backup code, click the “Use Backup Token” link below the Two-Factor screen during the login process. Here you can enter in your one time use code: Each backup token is one time use so once it has been used it can never be used again. Note: There is no way to bulk generate backup codes. If you need more than the initial 10, you would need to disable Two-Factor for that user and then re-enable it which would generate you a new set of 10 codes.