diff --git a/_data/sidebars/home_sidebar.yml b/_data/sidebars/home_sidebar.yml index e4b4040..cb659bd 100644 --- a/_data/sidebars/home_sidebar.yml +++ b/_data/sidebars/home_sidebar.yml @@ -17,6 +17,9 @@ entries: - title: MassUpdateTierPrices url: /mass-update-tier-prices-m2.html output: web + - title: PassKey + url: /passkey-m2.html + output: web - title: Extensions (Magento 1) output: web folderitems: diff --git a/_data/sidebars/pk-m2-sidebar.yml b/_data/sidebars/pk-m2-sidebar.yml new file mode 100644 index 0000000..747e0f7 --- /dev/null +++ b/_data/sidebars/pk-m2-sidebar.yml @@ -0,0 +1,49 @@ +# This is your sidebar TOC. The sidebar code loops through sections here and provides the appropriate formatting. + +entries: + - title: Sidebar + levels: one + folders: + + - title: PassKey (M2) + output: web + folderitems: + - title: What is a Passkey? + url: "#what-is-a-passkey" + output: web + - title: Why Passkeys Are Secure + url: "#why-passkeys-are-secure" + output: web + - title: Passkey extension for Magento 2 + url: "#passkey-extension-for-magento-2" + output: web + - title: Requirements + url: "#requirements" + output: web + - title: Compatibility + url: "#compatibility" + output: web + - title: Installation Instructions + url: "#installation-instructions" + output: web + - title: Configuration + url: "#configuration" + output: web + - title: Usage + url: "#usage" + output: web + - title: Troubleshooting + url: "#troubleshooting---i-installed-the-extension-but-it-does-not-work" + output: web + - title: Uninstallation + url: "#uninstallation" + output: web + - title: Support + url: "#support" + output: web + - title: Licence + url: "#licence" + output: web + - title: Copyright + url: "#copyright" + output: web \ No newline at end of file diff --git a/images/passkey/login-by-passkey.png b/images/passkey/login-by-passkey.png new file mode 100644 index 0000000..0240a0c Binary files /dev/null and b/images/passkey/login-by-passkey.png differ 
diff --git a/images/passkey/passkey-configuration.png b/images/passkey/passkey-configuration.png new file mode 100644 index 0000000..7af950d Binary files /dev/null and b/images/passkey/passkey-configuration.png differ diff --git a/images/passkey/passkey-device-registration-email.png b/images/passkey/passkey-device-registration-email.png new file mode 100644 index 0000000..5e0f854 Binary files /dev/null and b/images/passkey/passkey-device-registration-email.png differ diff --git a/images/passkey/passkey-register-device.png b/images/passkey/passkey-register-device.png new file mode 100644 index 0000000..474d2d6 Binary files /dev/null and b/images/passkey/passkey-register-device.png differ diff --git a/images/passkey/reset-passkey.png b/images/passkey/reset-passkey.png new file mode 100644 index 0000000..7e48d6f Binary files /dev/null and b/images/passkey/reset-passkey.png differ diff --git a/pages/passkey-m2.md b/pages/passkey-m2.md new file mode 100644 index 0000000..0552e65 --- /dev/null +++ b/pages/passkey-m2.md 
@@ -0,0 +1,165 @@ +--- +title: Passkey (Magento 2) +permalink: passkey-m2.html +summary: "The Passkey Extension for Magento 2 enables administrators to log in using a Passkey" +sidebar: pk-m2-sidebar +toc: false +--- +## What is a Passkey? +A passkey is a modern authentication method that replaces traditional passwords. It combines a user's device and biometrics (like fingerprint or facial recognition) to securely log in without needing to remember or type a password. Passkeys are based on public-key cryptography, making them resistant to phishing and password breaches. + +For a deeper understanding of how passkeys work and why they're secure, please take a loot at this [detailed explanation](https://www.passkeycentral.org/introduction-to-passkeys/). + +## Why Passkeys Are Secure + +### No Passwords to Steal + +Passkeys don’t store or transmit passwords. Instead, they use a unique pair of keys: + +* Private Key: Stored securely on your device and never shared. +* Public Key: Stored on the service's servers and used to verify your identity. Hackers cannot steal the private key because it never leaves your device. + +### Phishing Resistance + +Traditional passwords can be stolen through phishing attacks. Passkeys are resistant because authentication happens directly between your device and the service. No sensitive data is entered into potentially malicious websites. + +### Biometric Protection + +Passkeys often use biometric authentication (fingerprint, face recognition) or device-based PINs. These are harder to replicate and never transmitted, making unauthorized access difficult. + +### Tied to Physical Devices + +A passkey is bound to a specific device, meaning even if someone knows your credentials, they cannot log in without your device. + +### Resistant to Data Breaches +Since only the public key is stored on the server, even if the server is breached, the stolen data is useless without the corresponding private key. 
+ +## Passkey extension for Magento 2 +The Passkey Extension for Magento 2 enables administrators to log in using a passkey. It enhances the user experience +by simplifying the login process while maintaining high-security standards. This is ideal for shop administrators who +wish to log in without a password while still ensuring security. + +#### Key Features: + +1. **Easy Login:** By Passkey you can log in without using your username and password. +2. **Secure:** Passkey is a secure way to log in. It is resistant to phishing attacks and data breaches. +3. **Easy to Use:** The Passkey module is easy to use and can be used by anyone. +4. **Customizable:** It is possible to allow only specific admin users to use the Passkey. +5. **Multi-Device Support:** Login with different devices like a mobile phone, tablet, or Yubi-Key. + +## Requirements + +- ext-curl: `*`, +- magento/framework `^103.0` +- magento/module-authorization `^100.4` +- magento/module-backend `^102.0` +- magento/module-store `^101.1` +- magento/module-two-factor-auth `^1.1` +- magento/module-user `^101.2` +- PHP `~8.1.0||~8.2.0||~8.3.0` + +## Compatibility + +- Magento Open Source / Adobe Commerce >= `2.4` + +## Installation Instructions + +You can install the extension via Composer or by copying the code into your Magento installation. + +### Composer Installation + +1. `composer require customgento/module-passkey` +2. `bin/magento module:enable CustomGento_Passkey` +3. `bin/magento setup:upgrade` +4. `bin/magento setup:di:compile` +5. `bin/magento cache:flush` + +### Manual Installation + +1. unzip the downloaded files +2. create the directory `app/code/CustomGento/Passkey/`: `mkdir -p app/code/CustomGento/Passkey/` +3. copy the unzipped files to the newly created directory `app/code/CustomGento/Passkey/` +4. `bin/magento module:enable CustomGento_Passkey` +5. `bin/magento setup:upgrade` +6. `bin/magento setup:di:compile` +7. 
`bin/magento cache:flush` + +## Configuration +You can enable the Passkey feature in the Magento backend under `Stores > Configuration > Security > 2FA > General`. +It is important to mention that Passkey can not be the only 2FA method enabled. You need to enable at least one other 2FA method. +If you just choose Passkey as the only 2FA method, you will get an error message. + +![Settings configuration]({{ "images/passkey/passkey-configuration.png" }} "Settings configuration") + +## Usage +After enabling Passkey, you need to register a device to use it, such as a mobile phone, tablet, or YubiKey. To register a new device (after enabling Passkey 2FA), first log out, then log in again using your username and password. + +![Passkey device registration Email]({{ "images/passkey/passkey-device-registration-email.png" }} "Passkey device registration Email") + +Next, you will be prompted to check your email and click the link provided. Once you click the link, you'll be guided to register your Passkey device. Simply select the device you want to register and follow the on-screen instructions. +For example to register Yubi-Key, you need to insert the Yubi-Key into the USB port and touch it. + +![Passkey device registration]({{ "images/passkey/passkey-register-device.png" }} "Passkey device registration") + +After registering your device you will be redirected to the Admin Panel. + +### Logging in with Passkey +After registering your Passkey device, you can log in with Passkey. To do so, you just need to click on the Passkey button in the login form. And you of course you do not need to enter your username and password anymore. + +![Log in by passkey]({{ "images/passkey/login-by-passkey.png" }} "Log in by Passkey") + +### Resetting the Passkey +Imagine you lost your Passkey device and need to register a new one. There are two ways to reset the Passkey. + +#### Reset the Passkey in the Admin Panel +1. On the Admin sidebar, go to System > Permissions > All Users. +2. 
Select the user and open the account in edit mode. +3. Scroll down to the Current User Identity Verification section and enter your password. +4. In the left panel, click 2FA. +5. In the Configuration reset section, click Reset passkey and OK to confirm. + +![Reset Passkey]({{ "images/passkey/reset-passkey.png" }} "Reset Passkey") + +#### Reset the Passkey via CLI +For resetting the passkey with CLI you need to have access to the command line of the server, where your Magento installation is placed. If you don't have access to it, please ask your developer or your agency for help. +There, you can reset your Passkey for any specific user by running the following command: +```shell +bin/magento security:tfa:reset admin customgento_passkey +``` +Where `admin` is the username of the user you want to reset the Passkey for. + +## Troubleshooting - I installed the extension, but it does not work + +1. Do you use the latest version of the extension? +2. Do you use Magento >= 2.4? +3. Do you have at least one other 2FA method enabled? +4. Do you have the required PHP version installed? + +## Uninstallation + +The uninstallation procedure depends on your setup: + +### Uninstallation After Composer Installation + +1. `bin/magento module:uninstall CustomGento_Passkey` +2. `bin/magento setup:di:compile` +3. `bin/magento cache:flush` + +### Uninstallation After Manual Installation + +1. `bin/magento module:disable CustomGento_Passkey` +2. `bin/magento setup:di:compile` +3. `bin/magento cache:flush` +4. `rm -r app/code/CustomGento/Passkey` + +## Support + +If you have any issues with this extension, feel free to [contact us](https://www.customgento.com/){:target="_blank"}! + +## Licence + +[CustomGento Commercial Software Licence](https://www.customgento.com/license){:target="_blank"} + +## Copyright + +© 2024 - present CustomGento GmbH \ No newline at end of file
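Review bot: in `_data/sidebars/home_sidebar.yml` the new entry is titled `PassKey`, while the front matter of `pages/passkey-m2.md` uses `Passkey (Magento 2)` and the page body writes "Passkey" throughout. Use one spelling, for example `- title: Passkey`, so the navigation entry matches the page it links to.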
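Review bot: in `_data/sidebars/pk-m2-sidebar.yml` the Troubleshooting entry links to `#troubleshooting---i-installed-the-extension-but-it-does-not-work`, which mirrors the full heading text in `pages/passkey-m2.md`, so any rewording of that heading silently breaks the sidebar link. Shorten the heading to `## Troubleshooting`, or give it an explicit id, and point the entry at that. The sidebar title `PassKey (M2)` also differs from the "Passkey" spelling used on the page, the opening comment line is template text that can be dropped, and the file ends without a trailing newline.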
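Review bot: in `pages/passkey-m2.md` the Configuration section presents Passkey as a 2FA method under `Stores > Configuration > Security > 2FA > General` that cannot be the only one enabled, while "Logging in with Passkey" says username and password are no longer needed; the page never states whether a passkey login replaces the password, the second factor, or both, nor when the mandatory other 2FA method is still asked for. Add a sentence that spells this out, and state after both reset procedures what the user has to do next to register a new device. The "Tied to Physical Devices" paragraph says a passkey is bound to a specific device, which does not hold for passkeys synced through a platform account, so qualify it or scope it to hardware keys. Wording fixes: "take a loot at" should be "take a look at", "And you of course you do not need" has a doubled "you", the `ext-curl` requirement line has a stray colon and trailing comma, "Yubi-Key" and "YubiKey" are both used, and `#### Key Features:` skips a heading level under a `##` section.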