With TYPO3 v11 an optional "Multi-Factor Authentication"(MFA) has been added to increase account security. TYPO3 supports among others the so called "Time-based one-time password" method, which is very easy to use. You install an OTP (One Time Password) app (e.g. Google Authenticator) on a second device (e.g. smartphone) and initialize the TYPO3 user accordingly (see instructions below).
The login process will look like this:
This article describes the procedure to enable Multi-Factor Authenticator (MFA/2FA) in TYPO3.
(Recommended) Here you write down the 8 generated codes in a safe place. Optionally, you can enter a name again. Once you press save, the codes will be stored and ready to use. Important: As long as the codes have not been saved, 8 new codes will be generated when the page is reloaded.
Now both the recovery codes and the authentication app are set up and you can test the login with 2FA.
As soon as you log in to the TYPO3 backend, you will be asked to enter the 6-digit code. This completes the setup successfully.