In this article

Configuring 2-Step Login

Managing the 2-Step Login Feature

Troubleshooting

2-Step Login enables you to set up additional identity checks that Workers must fulfill to access Penelope. This means that Workers will have to occasionally provide a verification code sent to a Trusted Device or answer a Security Question along with a correct User Name and Password to log in.

A Trusted Device is an email address or phone number associated with a Worker’s account where verification codes can be sent. 2-Step Login makes use of your Trusted Devices by sending a verification code to the device.

Security Questions are a method of verifying the Worker’s identity where the Worker responds to questions that only they should know the answers to. As a System Administrator, you set up a list of possible Security Questions that Workers can configure answers for.

Each time a Worker logs in to Penelope through a new browser (or if they have cleared their cache/cookies), they must respond to a Security Question or type in a verification code that has been sent to a Trusted Device. You can additionally require that, after a specified number of logins, a Worker must provide their 2-Step Login credentials.

Prerequisite: Prior to enabling Trusted Devices, you must configure your External Communication settings. For more information, see the Authentication Email and, optionally, SMS topics.

1. Navigate to User Setup > Security > Authentication.

2. In the 2-Step Login section, click Enable.

3. Click Edit.

4. To enable trusted devices as a 2-Step Login method, in the Enable trusted devices section, choose one of the following options:

-Via email

-Via SMS

-Via email or SMS

5. If you have already set up Security Questions and want to use them as an option for 2-Step Login, click Enable security questions. If you haven’t created Security Questions yet, disregard this option for now.

6. In the Require 2-Step Login every field, type how often (in days) that Workers must input a verification code or answer a Security Question.

7. Click Save.

After you finish: The next time a Worker logs in to Penelope, they will be prompted to input their Trusted Devices.

1. Navigate to User Setup > Security > Authentication.

2. In the 2-Step Login section, click Edit.

3. In the Enable trusted devices section, choose whether you want to allow verification codes be sent to Email, SMS, or both.

4. Click Save.

1. Navigate to User Setup > Security > Authentication.

2. In the 2-Step Login section, click Edit.

3. In the Require 2-Step Login every field, type how often (in days) that Workers must input a verification code or answer a Security Question.

4. Click Save.

1. Navigate to User Setup > Security > Authentication.

2. In the 2-Step Login section, click Disable.

Issue: You receive the following error when trying to save your 2-Step Login settings:

Prior to turning on Email/SMS for 2-Step verification, the master Email/SMS setting must be enabled and all credential settings for Email/SMS must be provided in the External Communications > Settings tab.

Possible solution: Ensure you’ve configured and enabled Authentication Email and/or SMS in your External Communication settings.

Issue: You receive the following error when trying to save your 2-Step Login settings:

Cannot have fewer activated questions than the minimum that must be answered

Possible solution: To enable Security Questions as a 2-Step Login method, you must have created at least the minimum number of Security Questions Workers must provide answers for in the Security Questions section.

Create and activate at least the number of Security Questions indicated as the minimum required (for example, 3 questions as shown in the example configuration below).