Smartstaff
282
edits
Changes
→Configuration
[[File:Authentication Options.png|thumb|none|800px|Authentication Options]]
Note: When enabling MFA, all existing users in roles that will have 2-Factor enabled must first scan their code into an authenticator app.
# Select the User menu from the top leftright.
# Select the link titled '''Personal Settings''' from the user menu.
# Select the Security tab in the following modal window. # Open your Authenticator app on your mobile device. If one is not yet installed on your device, download “Authenticator” from your mobile device’s app store. # On your mobile device, in the Authenticator App, select “Add new device” or similar. Then “Scan QR Code” or similar.
# Scan the QR code “TOTP QR Code” from within the app on your mobile device.
# A new device should be added to your list. Note that, alternatively, you can also use the “TOTP Secret Key” as opposed to the QR code.
# In your SmartSimple instance, in the '''Configuration Menu''' (9-Square Grid Icon), select '''Global Settings'''. # Select the '''Security''' Tab from the Global Settings. # Click '''Password and Activation Policies'''.
# Under “Authentication Options”, toggle on '''Enable Multi-Factor Authentication (MFA)'''.
# In the setting '''Roles with Time-Based One-Time Password (TOTP)''' include the roles that you will be adding 2-Factor Authentication for. Note that the existing users in these roles must first scan the QR Code on their mobile device before this setting should be toggled on. # Toggle on '''Enable Trusted Device''' if you would like users to be able to bypass entering a code for a time period after the code has been successfully entered. If enabled, also enter the time period that the 2-Factor Authentication will be bypassed for trusted users.
# Scroll to the bottom of the page and click '''Save'''.
# To test your MFA, log out of your account, and then log back in. You should now see a page following login called “Multi-Factor Authentication.” Enter the password in the Authenticator app here, and access will be granted into the system.