The System supports Two-Factor Authentication for those customers who choose to opt their Users in.  It is highly recommended that Users who manage company security or sensitive company data opt in to Two-Factor Authentication and require it for those Users who may be doing similar functions.



Enabling Two-Factor Authentication for Yourself


1.  Log into your System

2.  Scroll over your Username in the upper right hand corner and select the "Profile" option


3.  Your User Profile will be displayed as you see below.


6HW6qZ_shX8MdLvqpjHNEAaprGVnfTOpOw.png


4.  Click the blue "Setup Two-Factor" button in the bottom left hand corner.


5. Two Factor Authentication supports two options for authenticating:

  • Use an App - Select the green "Use an App" button and follow the 4 step instructions on the page shown below:



  • Use SMS - Select the blue "Use SMS" button and follow the instructions on the page shown below.  You will be asked to send a text message with an Authorization Code to the System Phone Number listed on the screen. By using the SMS option your SMS Settings on your profile page will be automatically set up.




6.  Upon completion of either step you will be set up to use Two-Factor Authentication.  The system will then provide 5 unique codes that can be used in lieu of the selected option above in the event access to the system is required when there is no cell phone service or access to the Internet on your mobile device.  These codes should be saved in a secure location or printed for use at a later date.  These codes can be regenerated at any time from your User Profile.



Requiring Two-Factor Authentication for Your Users


When Users are required to set up Two-Factor Authentication by an Administrator they cannot opt out of enrollment.  They will be required to set it up upon login, this is not an option for the User.


1.  Log into your System


2.  Select the "Administration" tab at the top


3.  Select "Users"


4.  Select a User from your list


5.  Click the light-gray "Edit this User" link in the upper right hand corner


6.  Once in Edit mode, click the light-grey "Require Two-Factor" link in the upper right hand corner


7.  A pop-up will appear indicating that the User will now be required to enroll in Two-Factor Authentication upon log in.  Click the blue "Require Two-Factor" button.


8.  A light blue status bar at the top will indicate that they have been set up.  Under the "Two Factor Authentication" status in the right hand column the status will indicate "Pending setup on next login".  Once the user has enrolled the status will change to "Enabled".


9.  At any point you can disable Two-Factor Authentication for any Users you have required get enrolled.


The process above is generally the same when adding a new user.  The "Two-Factor Authentication" status will be defaulted to "No" on the new User setup form and you simply need to select "Yes" to require them to enroll when they log in for the first time.



Enrolling in Two-Factor Authentication Upon Login 


For Users that need to enroll in Two-Factor Authentication upon login, they will use the following steps which is very similar to opting in through the profile (when not 'required' by an Admin as described above):


1.  Log in to the System

 

2.  Upon login, you will be prompted to enroll and receive the following message:



3.  Two Factor Authentication supports two options for authenticating:

  • Use an App - Select the green "Use an App" button and follow the 4 step instructions on the page shown below:




  • Use SMS - Select the blue "Use SMS" button and follow the instructions on the page shown below.  You will be asked to send a text message with an Authorization Code to the System Phone Number listed on the screen. By using the SMS option your SMS Settings on your profile page will be automatically set up.




4.  Upon completion of either step you will be set up to use Two-Factor Authentication.  The system will then provide 5 unique codes that can be used in lieu of the selected option above in the event access to the system is required when there is no cell phone service or access to the Internet on your mobile device.  These codes should be saved in a secure location or printed for use at a later date.  These codes can be regenerated at any time from your User Profile.