Two-Factor Authentication (2FA)
Description
Two-factor authentication (2FA) is a security system that requires not only your username and password but also a special code sent to you. To authenticate, you will need a one-time code generator. For example, Google Authenticator. Once you've enabled 2FA, entering a six-digit code will become a mandatory step every time you log in to the platform.
How to Enable 2FA for an Individual User
1. Go to your profile settings. To do this, click on the profile picture in the upper right corner. Next → My profile .
2. Go to Security settings. In the Two-factor authentication block, click "Connect":
3. The instruction will open. Follow the steps: download the application, add Altcraft Marketing in it and enter the six-digit code sent to you. Then click "Connect".
4. A list of recovery codes will appear on the page. Use them to restore access to your account in case of loss of the device on which the 2FA application is installed. Each recovery code can only be used once. It will be impossible to open this list again, so copy it and store it in an accessible place.
The 2FA setup is complete. Now, every time the user logs in to the platform, they will have to enter not only their username and password but also a six-digit code sent to them in the authentication application.
Information about successful and failed login attempts will be displayed in Login history:
If you no longer need two-factor authentication, click on "Disconnect":
How to Enable 2FA for All Account Users
To enable mandatory two-factor authentication for all accounts, the platform administrator must activate the Force 2fa for users in account settings in the Administration Panel:
Once you've activated mandatory 2FA, any user will have to set up two-factor authentication to log in to the platform. The setup window will open when the user enters the correct username and password:
If two-factor authentication is mandatory for all accounts, the user won't be able to disable it. If they click on "Disconnect" a warning window will pop up:
If, despite the warning, the user disables 2FA, he will be logged out from the platform. To log in, he will need to reconfigure 2FA.