Developer forum

Forum » Development » Two factor admin authentication

Two factor admin authentication

E-mail notifications
August Schnell
Reply
Posted on 22/04/2024 08:04:28

 

Any chance that two factor authentication for the backend with google authenticator or similar will be implemented for dw9 & 10? Or perhaps there are some examples of people who have implemented this themselves?

Perhaps with the use of the ExternalLoginProvider?

I have tried with notification subscribers that redirects to a dw form and then back to the backend if what they user has typed is correct and so on.

 


Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 22/04/2024 17:29:59
Reply

Hi August

DW9 has it if you use external authentication - if you use external authentication and enable it for backend: https://doc.dynamicweb.com/documentation-9/users/external-authentication/external-authentication

For DW10 this is not possible yet.

We are working on implementing OTP and Magic link login features for DW9 (as MFA approach) and maybe DW10 also. On DW10 we are also looking into passkeys.

With relation to DW10 we are evaluating what mechanisms of login to take given what happens in this login security space currently. Passkeys and OTP being one, and maybe not even use a username/password/verification approach as it seems that scheme is already starting to be phased out due to password less logins.

 
Melissa Borgmann
Melissa Borgmann
Posted on 30/07/2025 21:28:28
Reply

Hi Nicolai,

In 2024 you wrote: 

We are working on implementing OTP and Magic link login features for DW9 (as MFA approach) and maybe DW10 also. 

I believe email verification codes for backend/admin login has been implemented in DW9 as of 9.19. Are there plans to allow the same configuration for frontend users, or is that already in place?

Thank you!

Melissa B.

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 04/08/2025 11:50:51
Reply
This post has been marked as an answer

We are not planning to implement verification codes for the DW9 frontend. To support MFA on DW9, we recommend using the external authentication providers.

DW10 has completely new login routines and support both external logins and verification codes.

BR Nicolai

Votes for this answer: 1

 

You must be logged in to post in the forum