Multi-Factor Authentication
Overview
Multi-Factor Authentication is a method of authentication in which a user is granted access to your SmartSimple Cloud system only after successfully presenting two or more pieces of evidence to an authentication mechanism.
The security impact of Multi-Factor Authentication (MFA) is that while a user may lose an access card or get duped into sharing a password, the odds of both happening to a single user are dramatically reduced. Using MFA therefore enhances an organization's ability to ensure that no one is using illegitimate means to gain access.
SmartSimple Cloud supports two different approaches to Multi-Factor Authentication:
Time-based One-Time Password (TOTP) - this technique uses an authentication app that is installed on a mobile phone or other personal device.
Verification Code – a single use code sent by either Email or SMS to a user specified email address or phone number
Configuration
All settings related to Multi-Factor Authentication are in a single location
- Navigate to Global Settings > Security > Password and Activation Policies.
- Scroll to Authentication Options and toggle on Enable Multi-Factor Authentication
- Specify the roles that require authentication via TOTP and/or Verification Code
NOTE: If new roles are added to the system, the MFA configuration must also be updated