What is Two-Factor Authentication?
2 Factor Authentication (2FA) provides you with additional online portal security in that an intruder would now need physical access to something you have (a mobile device where the 2FA App is installed), as well as something you know (your online portal username and password) in order to gain access to your online account.
2FA is a free service and is based on time based passcodes. It requires use of the Google Authenticator App which is available for both Android and Apple devices (free download from Google Play OR Apple App Store).
PLEASE NOTE:- This service is ONLY currently available to the Primary Account holder login. All sub-account holders will still be able to access using username/password, however “Permissions” can be set for each sub user by the Primary Account Holder in order to restrict what areas of the account can be viewed/accessed and ensure overall account security.
Requirements for setting up Two-factor authentication
- Mobile device with Google Authenticator App installed. You can download the Google Authenticator App from the Google Play Store or Apple App Store
- Client Portal Access as Primary account holder.
enable Two-Factor authentication
- Before enabling 2FA you will need to ensure that you already have the Google Authenticator app installed on your mobile device.
- Login to the client portal as the Primary contact then from the profile menu select Security Settings.
- On the Security Settings page you now have the option to enable 2FA select the button to enable.
- On the pop updialog select the authentication type and select Get Started.
- You will now be presented with a QR code and a secret key. On your mobile device, open the Google Authenticator App and scan the QR code or enter in the secret key.
- You will now need to verify it has setup correctly so check on your device for the code linked to your portal account and enter this in and confirm Check your device for the new code Enter in the code from your device and select Submit
- You have now setup 2FA. You will be presented with your backup code so you should take a note of this and store it someplace save incase you are not able complete two-factor authentication.
If you have multiple users who all currently share the primary account access details then 2FA can only be used if ALL users have their own mobile device with the Google Authenticator App. You will need to take note of the security key that is generated and then issue to any other users that will require access using the primary account. For overall security, it's not recommended to have multiple users using the same primary account and additional users should have their own individual sub-account logins. In the event that you have multiple users using the same 2FA details and you have one member of staff leave you will need to disable and re-enable with a new code, the code will then need to be issued to all users again.
To disable 2FA follow steps 1-3 then select the Disable button.