User Management - Two-Factor Authorization

Two-Factor Authorization is an extra layer of security that the Miva admin uses to make sure that the people trying to gain access to an online account are who they say they are.


Overview

The Miva admin supports Two-Factor Authorization via TOTP (Time-based, One-Time Password) for all users. There are various methods for accomplishing this, including a YubiKey + Yubico OTP, WebAuthn/U2F as well as TOTP via Google Authenticator. All of these methods provide a convenient way to add a second factor to your Miva login.

YubiKey Setup and Configuration

To use a YubiKey as a two-factor authentication method, you must purchase a specialized USB YubiKey which comes pre-configured to connect to the YubiCloud. Miva is part of Yubico’s Works With YubiKey program. For more information about that program, click here.

To purchase a YubiKey, check out the Yubico store here.

Setting Up a YubiKey

To set up a YubiKey, select the user in the batch list and click the more icon, and then click Two-Factor Authentication in the dropdown menu.


Then, choose YubiCloud + Yubico OTP from the dropdown.


Click Next, and then follow the on-screen instructions to insert your YubiKey into your computer, and then authenticate.


When finished, click Enable.

WebAuthn Setup and Configuration

To use WebAuthn, you must purchase a USB Key which supports the WebAuthn/U2F Protocol. YubiKeys, by default, support WebAuthn so purchasing a YubiKey allows you to use either protocol. The Google Titan Key also supports this protocol and can be purchased here.

To set up WebAuthn in Miva, select the user from the batch list and click Edit. Then select Manage Two-Factor Authentication.

Then choose WebAuthn/U2F from the dropdown.


Click Next, and then follow the on-screen instructions to insert your WebAuthn supported device and press the button on the device to authenticate. Your browser will also give you a popup that you must approve.

TOTP (Google Authenticator) Setup and Configuration

Time-based, One-Time Password, or TOTP, is the most popular method of Two-Factor Authentication. This involves using an app, like Google Authenticator, to generate a unique, six-digit password each time you log in.

To use TOTP you’ll need an app, like Google Authenticator or Authy, to handle the TOTP flow.

Note

While there are browser-based plugins and desktop operating system programs for storing TOTP keys and generating TOTP codes, Miva discourages their use because the key is stored on the computer, and a compromise of that computer could permit unauthorized access.

To set up TOTP in Miva, select the user from the batch list and click Edit. Then select Manage Two-Factor Authentication. Then select Time-Based One-Time Password from the dropdown.


On the next screen, scan the QR code, or enter the text string below that code, into your chosen app. Once done, enter the six-digit code generated by the app into Miva and click Enable.


Backup Codes

All three two-factor methods now support the generation of backup codes. These codes are presented for download at the time two-factor is enabled for each user. They consist of 10 one-time codes which will allow you to bypass the two-factor mechanism should the USB key be lost or the authentication app deleted.


Using a Backup Code

To use a backup code, click the “Use Backup Token” link below the two-factor screen during the login process. When prompted, enter the one-time use code.

Note

Each backup code is for one-time use, so once it has been used it can never be used again. In addition, there is no way to bulk generate backup codes. If you need more than the initial 10, you would need to disable two-factor for that user, and then re-enable it, which would generate a new set of 10 codes.


Copyright © 1997 – 2021 Miva©, Miva Merchant©, MivaPay©, MivaCon© Miva, Inc. All Rights Reserved.