Enable 2FA

Two-factor authentication (2FA) enhances security by requiring users to provide two forms of identification before they are granted access. This method adds a layer of protection to the standard username and password method, making it significantly more challenging for potential intruders to gain unauthorized access.

Implementing 2FA in Keycloak helps organizations bolster their defenses against data breaches and unauthorized access, which is crucial for protecting sensitive data in today's digital landscape.

Steps

  1. Go to the Authentication tab and click on browser.
  2. In the Browser - Conditional OTP section, select Required.
  3. Select the user who needs to use 2FA and add Configure OTP under the Required user actions section.
  4. When that user logs in, a screen will guide them through the configuration.
  5. Ensure that Configure OTP under the Required user actions section is removed (otherwise the user will be asked to configure OTP at every login, as if it were the first time).
  6. Once this is configured, the user will be required to enter a one-time code every time they log in.
  7. (Optional) OTP settings can be found here.
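
An offline check of the outcome of steps 2, 3 and 5, added here as an example that is not part of the original page or of Keycloak itself: it reads a realm export and reports the requirement on the Browser - Conditional OTP subflow and each user's OTP state. The export field names (`authenticationFlows`, `authenticationExecutions`, `flowAlias`, `requiredActions`, `credentials`) and the `CONFIGURE_TOTP` alias are assumptions about Keycloak's export format; the sample realm and users are constructed.

```python
import json

# Constructed sample shaped like a partial Keycloak realm export. Field names
# are assumed from the export format; realm and users are invented.
SAMPLE_EXPORT = json.loads("""
{"realm": "demo",
 "authenticationFlows": [
  {"alias": "forms", "authenticationExecutions": [
    {"authenticator": "auth-username-password-form", "requirement": "REQUIRED"},
    {"flowAlias": "Browser - Conditional OTP", "requirement": "CONDITIONAL"}]}],
 "users": [
  {"username": "alice", "requiredActions": [],
   "credentials": [{"type": "password"}, {"type": "otp"}]},
  {"username": "bob", "requiredActions": ["CONFIGURE_TOTP"],
   "credentials": [{"type": "password"}]},
  {"username": "carol", "requiredActions": ["CONFIGURE_TOTP"],
   "credentials": [{"type": "password"}, {"type": "otp"}]},
  {"username": "dave", "requiredActions": [],
   "credentials": [{"type": "password"}]}]}
""")

OTP_SUBFLOW = "Browser - Conditional OTP"   # section named in step 2
OTP_ACTION = "CONFIGURE_TOTP"               # assumed alias of "Configure OTP"

def otp_requirement(export):
    """Return the requirement set on the OTP subflow, or None if absent."""
    for flow in export.get("authenticationFlows", []):
        for execution in flow.get("authenticationExecutions", []):
            if execution.get("flowAlias") == OTP_SUBFLOW:
                return execution.get("requirement")
    return None

def audit_users(export):
    """Map each username to its OTP enrolment state."""
    states = {(True, False): "enrolled",        # OTP set, no pending action
              (False, True): "setup-pending",   # step 3 done, step 4 not yet
              (True, True): "stale-action",     # step 5: action still queued
              (False, False): "not-enrolled"}   # step 3 never applied
    report = {}
    for user in export.get("users", []):
        has_otp = any(c.get("type") == "otp" for c in user.get("credentials", []))
        pending = OTP_ACTION in user.get("requiredActions", [])
        report[user["username"]] = states[(has_otp, pending)]
    return report

if __name__ == "__main__":
    print("OTP subflow requirement:", otp_requirement(SAMPLE_EXPORT))
    for name, state in audit_users(SAMPLE_EXPORT).items():
        print(f"{name}: {state}")
```

On the constructed sample the subflow is still at its pre-step-2 value, and `carol` is the case step 5 warns about.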