2,299
edits
Changes
no edit summary
The '''Two-Factor Authentication '''function provides a second factor - this can be something that someone has (for example, an access card) or some unique property of that person (for example, a fingerprint, or a code sent to a personal mobile device).
A user may lose an access card or get duped into sharing a password, but the odds of both happening to a single user are dramatically reduced. Using '''Two-Factor Authentication Authentication '''enhances therefore enhances an organization's ability to ensure that no one is using illegitimate means to gain access.
'''Two-Factor Authentication '''is a required component of maintaining [[SmartSimple]]'s SOC2 security status. SmartSimple supports two different '''Two-Factor Authentication '''approaches:
In order to configure '''Two-Factor Authentication, '''you will need to have the following:
* [[Global User Administrator|System Administrator]] access - your [[User|user]] [[User Role|role]] in your [[SmartSimple]] [[instance]] must be '''System Administrator Administrator.'''
* Access to a mobile device and the appropriate Google Authenticator application installed on the device - the app can be retrieved from Google Play, App Store, etc by searching for "Google Authenticator" in the application store.
==Configuring a Role to Use Two-Factor Authentication==
'''Two-Factor Authentication '''is configured by [[User Role]]. For best practice, it is recommended to specifically create '''Two-Factor Authentication '''as a new role and adding it to the existing users. While '''Two-Factor Authentication '''can be added to an existing role, it is not recommended because it will become more complex to manage. <br />For roles that have this feature enabled, the use of '''Two-Factor Authentication '''becomes mandatory. This involves a drastic change in user experience, so SmartSimple recommends that this action be rolled out to users in small groups at the beginning of the process.
The first step of the implementation process is to create this role in your [[SmartSimple]] [[instance]].
Follow the steps below in order to configure a user role to '''Two-Factor Authentication - '''
:: {{Icon-Menu}}
2. Under the heading '''Configuration, '''select '''Roles and Security.'''
:: [[File:2factor roles.png|220px|border]]
3. Click on the first hyperlink labelled '''User Roles.'''
The list of available [[User Role|user roles]] in your system will be displayed.
4. Click on the '''+ icon '''on the top left in order to '''Create a New Role. '''
:: [[File:2factor create new user role.png|600px|border]]
4. Click on the '''pencil icon '''next to the role for which you wish to add '''Two-Factor Authentication. '''
:: [[File:2factor pencil icon.png|30px|border]].
This will bring you to the '''Edit '''details for that role.
:: [[File:2factor from edit role.png|500px|border]]
By clicking into the drop-down, you have the ability to select from a number of different options: