Articles in this section

2-Factor Authentication

Avatar
Clara Kantner
  • Updated
Follow

Adverity supports Two-factor authentication as an additional security layer. With 2 Factor Authentication (2FA), users are required to use a six-digit token provided by their mobile device additionally to the password in order to log in. 

REQUIRED APPS

  • In order to scan the QR-code on the screen, you need to install an app on your mobile device that supports the scanning of QR-Codes like Barcode Scanner.
  • Additionally you need an app that supports time-based security tokens based on RFC6283 standard. This can be Google Authenticator for Android or Authenticator for iPhone.

Two options are possible:

OPTION 1: OPTIONAL 2-FACTOR AUTHENTICATION PER USER

Each user has the possibility to optionally enable 2FA for their account. In this case the 2-FA authentication can be disabled at any time by the users themselves.

  1. From the Connect, Enrich or Transfer Elements, navigate through Person Icon ( Person_Icon.png ) > Account.
  2. Click "2 Factor Authentication" in the left-hand menu.
  3. Follow the steps to set up a device.
  4. 2FA is now enabled for this user.
  • To unlink a device, navigate through the same steps, enter your password and click Unlink.

Backup Tokens

It is recommended to generate a set of backup tokens and store them securely. A backup token allows users to reset the tokens on their device and scan a new QR code in case the user has a new mobile phone or has deleted their token from their app. 

The codes of the Two-factor authentication app are constantly being updated. Make sure that the time settings of your device are correct as tokens between your device and Adverity might not match otherwise.

 

OPTION 2: MANDATORY 2-FACTOR AUTHENTICATION FOR ALL USERS

It is also possible to enforce 2FA as a requirement for the entire stack. Once enabled, users are not able to opt out of 2FA. Please contact support@adverity.com if you want to enable Two-factor authentication for all users on the stack.

Prior to asking our support to enable 2-Factor Authentication for the whole stack, all users should have generated a token and backup codes, using the steps described above.

Once the 2FA is enabled for the whole stack, it is no longer possible to log in without a token. You can also facilitate this by sending a token to users manually to prompt them to set up 2FA.

  1. From the Connect, Enrich, or Transfer Element, navigate through Workspace Picker > Administration.
  2. In the left-hand menu, under Other, click Users 
  3. Use the checkboxes to the left of each email address in the list, filling the boxes for those Users whom you wish to receive a 2FA token.
  4. Click the drop-down box that reads "X of X selected", and select "Send temporary 2FA token"
  5. Each user selected will receive an email with a back-up code.

Please Note: All users created after 2FA has been enabled for the whole stack will automatically receive an email prompting them to set up 2FA.

Related articles

Comments

0 comments

Article is closed for comments.