Two-factor authentication (also known as Two-step authentication) provides a more secure login process because when you or your customers attempts to sign in, you'll have to provide the following information:
- The account password.
- A single-use authorization code generated by a mobile app.
This is like a cash withdrawal machine at the bank, which requires both a debit card and a personal identification number (PIN). The difference here is that you'll have to use a different authentication code every time you sign in, because an authentication code expires after it's used.
Two-factor authentication can be set up for all accounts, note that only account owners can set it up for their own account.
Enable two-step authentication with an authenticator app
To enable two-step authentication with an authenticator app, you'll need to download an authenticator app to your mobile device. Recommended mobile devices include:
- Other mobile devices on iOS, Android, Windows, or BlackBerry operating systems.
The app will be able to scan QR codes and retrieve authentication data for you. Recommended authenticator apps include:
- Google Authenticator (Android/iPhone/BlackBerry)
- Duo Mobile (Android/iPhone)
- Amazon AWS MFA
- Authenticator (Windows 10 Mobile)
Activate an authenticator app in Invotide admin panel
From your Invotide admin panel, go to Users > Two-factor authentication.
In the Two-step authentication section, configure your authentication app by using one of the two methods provided.
To use the QR code provided, tap Scan QR code and then point your camera at the QR code on your computer screen.
Enter the six-digit code generated by the app to complete step 4 of the setup page.
Click Enable button.
You'll be provided with a recovery code that look like this:
Write down your recovery code and keep in a safe place. If you don't have access to your mobile device, then using a recovery code is the only way to log in to an account that has two-factor authentication enabled.Now when you try to log in, two-factor authentication will require your mobile device.
The Two-factor authentication is also available for customers that have an account on your website. When customers login to their accounts, they will be able to setup two-factor authentication by navigating to the "My Account" page. See screenshot below (This feature is available to only clients on the Standard plan).
Feel free to contact us if you've any question or experience any issue setting up two-factor authentication.
Wednesday, July 10, 2019