To enhance store security, enabling Two-Factor Authentication (2FA) for login and report exports effectively protects your data. When administrators log in or export reports, they must complete 2FA using your configured method to proceed.
In this article, you'll find:
1. Enable Two-Factor Authentication
If the Store Owner enables this feature, every administrator in the store must pass Two-Factor Authentication when logging in or exporting reports. Once the 2FA is enabled, the system will gray out the settings, and you will not be able to disable it.
Step 1
In the SHOPLINE Admin, go to [Settings] > [Permission & Security], and select the "Security Setting" tab.
*Note: Only the Store Owner can view, operate, and configure these settings.
Step 2
Switch on the "Two-factor authentication for login and report export" toggle. Read the note in the pop-up window and click OK.
*Notes:
- Once the feature is enabled, all staff members, including the store owner, will be logged out of the online store admin in 15 minutes and will need to complete 2FA on their next login.
- Once the 2FA is enabled, the system will gray out the settings, and you will not be able to disable it.
- Once enabled, the following store reports require Two-Factor Authentication to download (if disabled, administrator password verification is required):
Step 3
Select "Authenticator".
Step 4
After completing the above steps, click Update to save.
2. Authenticator Verification
Step 1
Open the App Store or Google Play on your mobile device, search for and install an authenticator. Once installed, click Already installed, next step.
Step 2
Go to the authenticator app. Select "Scan QR code / Enter setup key" to obtain the authentication code. Then, click Next step: Enter code.
Scan QR Code / Enter Setup Key
Tap the "+" icon in the bottom right of the Authenticator app and select "Scan a QR code" or "Enter a setup key".
| QR Code | Setup Key |
|
|
|
Step 3
Enter the 6-digit verification code displayed in the Authenticator app and click CONFIRM BINDING.
*Note: A circular icon will appear to the right of the verification code as a timer. A new verification code will automatically appear when the time is up.
3. Email Verification
Please go to your registered email inbox, open and check the 6-digit verification code email, enter the code, and click SUBMIT.
Verification Code Email
The verification code is valid for 5 minutes. If it expires, please click RESEND on the login page.
4. Notes
-
If you manage multiple stores, the system will select the verification mechanism with the highest security weight as your login authentication.
Security weights from high to low are: Authenticator Verification > Email Verification > No Verification.
Example
Person A is an administrator for the following stores simultaneously. The system determines the login verification method based on the highest security weight; therefore, Person A's login verification method is "Authenticator Verification".
Store Name Login Verification Method Flower Shop Email Verification Book Store Authenticator Verification Shoe Store Email Verification Clothing Store No Verification -
If a store administrator has enabled Authenticator but needs to regenerate the verification QR Code, please contact the Store Owner. If the Store Owner has enabled Authenticator but needs to regenerate the verification QR Code, please contact the Online Merchant Success Team.
Administrator Authenticator Regeneration
1. Store Owner goes to Admin > [Settings] > [Permission & Security] > Edit.
2. Find the "Enabled Authenticator " field.
3. Click Regenerate QR Code.
Read more

Comments