Two-Factor Authentication
Enabling Two-factor Authentication
To improve security of your Engaging Networks accounts, you can enable “two-factor authentication” (2fA). In addition to requiring a password, your users will also need to install a “Google Authenticator” app on their mobile device, which will generate a random number to create the second factor of your authentication process.
Watch the video below for an introduction to Two Factor Authentication.
After logging in with their designated password for the first time after 2fA has been enabled, your users will see a screen similar to this:
In order to continue the login, they will need to download the Google Authenticator app onto their mobile device and either scan the on-screen barcode (e.g. above) through the app with their phone’s camera, or manually type in the secret code which can also be displayed on the screen. A six digit code will then be displayed inside the app (which updates every 15 seconds) that will need to be entered before they can login to Engaging Networks, on this new screen:
This process is only required on first use. Subsequent logins (assuming they are using the same browser and device) will only require the username and password as normal.
If 2fA is successfully implemented by a user, the code will be remembered for three months. After this period (or if they use a separate browser or device to login) they will need to re-authenticate by entering a new six-digit code that can be found inside the downloaded Google Authenticator app. The Engaging Networks’ Super Administrator can however reset 2fA for a user at any time, meaning they will need to start the process again. See more on this below.
Setting up two-factor authentication
This can only be enabled by your Engaging Networks Super Administrators. If you are unsure who has this access for your account, please contact client support.
There are two main ways to set up two-factor authentication (2FA); you can set it up for all your users, or enabled it on a user-by-user basis.
To enable 2FA for all users, go to Hello YOURNAME > Account settings > Users.
Click on the icon in the upper right hand corner. You will see the following screen:
If you choose to Enable two factor authentication, all your users will be required to use the Google Authenticator app to complete logins to their Engaging Networks accounts.
Enabling two-factor authentication for individual users
If you only require certain individuals to use two-factor authentication, you can enable the functionality on a per-user basis.
Open up the users account, and select ‘Enable two factor authentication’
As soon as a user has logged in once with the two-factor authentication system, you are able to select to reset their token:
Resetting the token will bring the user back to the setup stage for two-factor authentication.
If you’re experiencing trouble resetting the secret token, here is the process to reset the QR code.
Resetting Authenticator QR Code after getting new phone
If a user has lost their phone or had to replace it, you can reset the 2FA setting and get access to the QR code for the Google Authenticator app.
Disable 2FA for User
Select the check box net to the User Type at the top left. Then Click the Disable 2FA button that appears. (Do not deselect the Enable two factor authentication checkbox).
You will then see this popup:
Click the Disable two factor authentication.
Enable 2FA again
Make sure the checkbox by User Type is selected and then click Enable 2FA button at the top of the screen.
You will then see this popup screen:
A popup will appear asking if you want to enable 2FA. Click the Enable two factor authentication button.
The next time the User logs in, they will see this screen:
User will see popup with QR Code or will be able to view a secret token to authenticate with Google Authenticator.