Two factor authentication

Two-factor authentication integration from Odoo 14 and onwards

Two-factor Authentication (2FA)

Two-factor authentication (2FA) is a good way to improve the security of an account, making it less likely that another person will manage to log in instead of you.

Practically, it means storing a secret inside an authenticator (usually your cell phone) and exchanging a code from the authenticator when you try to log in.

This means an attacker needs both to have guessed (or found) your password and to access (or steal) your authenticator, a more difficult proposition than either one or the other.

With the introduction of Odoo 14, two-factor authentication is by default integrated into Odoo. However, it must be activated by the user. On this page you will find a step-by-step description of how to set up and activate two-factor authentication in Odoo yourself.

Authenticators

The two most commonly used authenticators are Authy and Google Authenticator. Install one of the two apps on your mobile phone.

We will use Google Authenticator for demonstration purposes; however, Authy works in a similar way. Both authenticators have their specific advantages and the choice will depend on your personal preference.

SETTING UP TWO-FACTOR AUTHENTICATION

After installing the authenticator app, log in to your Odoo environment, click on your personal menu at the top right, and then click on the option "My Profile":

Image: My Preferences

Open the "Account Security" tab and then click the "Enable two-factor authentication" button:

Image: Enable Odoo Two-factor Authentication

Then enter your Odoo password:

Image: password confirmation

After password confirmation, a screen with a unique QR barcode is shown:

Image: Two-Factor Authentication QR barcode

In most authenticator apps you can easily scan the barcode using the camera of the phone; the authenticator app then takes care of the correct settings:

Image: scan QR barcode with phone app

IF SCANNING DOES NOT WORK

If you cannot scan the QR barcode, you can click on the "show the code" link and show the secret code to manually set up the authenticator:

Image: authentication secret key

The code under "Your two-factor secret:" can then be entered manually and added to the authenticator app:

Image: Google Authenticator app account name and key

AUTHENTICATION SETTINGS COMPLETED

Once this has been done, the authenticator should display a verification code including identification information:

Image: Google Authenticator app two-factor authentication code

Enter the code in the "Verification Code" field and then click the "Enable two-factor authentication" button.

Congratulations, your Odoo account is now protected with two-factor authentication!

Image: Odoo two-step verification activated

LOGIN

Logging in will be done as follows from now on. Enter your username and password on the login page. After this, the following screen is displayed:

Image: Odoo login with two-step verification

Now open the authenticator app on your phone and enter the code that is displayed (for the relevant account). That is all! From now on, unless you disable 2FA, you will have an even more secure two-step login process instead of the old one-step login.

Note

If you lose access to the authenticator app, please contact your Odoo administrator. They can reset your two-factor authentication, after which you can set it up again.

Should you unexpectedly fail to set up two-factor authentication, do not hesitate to contact us via a helpdesk ticket or our contact form!
