How to disable 2-factor authentication in Magento 2.4.0

Magento 2, 2 factor authentication

In previous versions of Magento, it was possible to enable 2-factor authentication (2fa) for admin users. In Magento 2.4.0 Adobe decided to kick the security up a notch and force 2-factor authentication for all backend users. Now, 2-factor authentication is great as it adds another layer of security in your webshop, but it can also be too much. Especially when you work by following DTAP where you have multiple environments (Development, Test, Acceptance, and Production).

Luckily for us, it is simple to disable this module. Just run this command:

php bin/magento module:disable Magento_TwoFactorAuth

And that's it! Now the module is disabled and you don't have to install/enter 2 factor authentication upon login. (ad)

Do you want your Magento store to be more reliable? Tired of things that suddenly break the checkout process without anyone noticing? You can hire my services to kickstart End-2-End testing for your Magento store. This way you know for sure that your store is behaving as expected before releasing that new feature or that update.

View for more information.

Warning: Do not do this in production

Magento forces 2-factor authentication for a good reason. Only disable this for non-production environments. Also: This makes a chance in app/etc/env.php. Make sure you don't commit this!

Do not this in production

You can make sure that you don't do this in production by including this step in your deployment process. To make sure you don't accidentally disable this on production you can add a step to enable it.


Mark Shust created a module that allows you to disable 2-factor authentication from the settings. The upside from this is that you change this on a per-environment basis and you can't accidentally commit the wrong settings (disabled module) to your codebase. Next to this, there is also the module of Wolfsellers, which seems to do the same. You can find it here.

Want to respond?