This article covers the topic of Two-Factor Authentication for the admin portal.
What do you mean by Two-Factor Authentication?
Normally, when signing in, you must enter both your email address and your password. When Two-Factor Authentication is enabled, you will also need to enter a time-based one-time password (TOTP). This additional security measure prevents someone else from accessing your account, even if they know your email address and password.
2FA System Settings
Two-factor login is disabled by default. You can easily enable it in the host settings. Once it is enabled, staff can enable or disable it on their profile page. Go to the “Security” tab in system settings.
To know how to find system settings, see How to access system settings.
Authentication via a code-generator app (such as Google Authenticator) is the default option. SMS functionality enables people without smartphones to use 2FA. Setting up 2FA via SMS requires two steps:
1. Activate the SMS module. SMS messages with codes cannot be sent unless the SMS module is active.
2. Enable “Enable two-factor user login” and “Enable SMS verification” in System Settings. Enabling both is necessary due to the cost of SMS compared to authenticator apps.
How to set up Two-Factor Authentication on the employee profile in the admin portal?
This is available if the user has enabled two-factor authentication in his/her profile. To enable it:
1. Go to the profile page and click “Enable”.
2. The user can scan the QR code with an authenticator app (like Google Authenticator) and enter the code on the next page.
3. Then the user can see his/her recovery codes.
That's it. Now, the user can use the authenticator app to verify himself/herself.
You can also disable two-factor authentication and view the recovery codes again.
If you are an employee, or you just want to know the steps for employees, please read Two-Factor Authentication for Employees.
I am the only user with administrator rights, and I can't disable 2FA on my account.
Contact support through the chat.