Setting Up Two Factor Authentication in CMS

This page is split into 8 sections;

Section 1. Enabling 2FA in CMS
Section 2. Deleting a 2FA CMS Device
Section 3. Adding a 2FA CMS Device
Section 4. Verifying through Email
Section 5. What to do if you lose your 2FA Device
Section 6. Trust this computer for 30 days feature
Section 7. Security Settings
Section 8. How a CC Staff Member can reset a clients device for FrontEnd through CMS

Section. 1

Enabling 2FA in CMS

Load CMS
Enter your credentials (Email Address and Password) and then click "Log in"

A choice of either setting up a device now or have a code emailed to you, for now, will appear as shown below

Enabling 2FA Route;

Scan the QR code or manually enter the 16 digit code (sometimes referred to as a KEY) using your Authenticator App on your personal device

Common Authenticator Apps;

Authy
Microsoft Authenticator
Google Authenticator
LastPass
OTP

Once you have either scanned the QR code or entered the 16 digit code manually, you will then be provided with a 6 digit ONE TIME ONLY code to enter

*Note; The 6 digit code is only valid for 60 seconds (Your Authenticator App will provide you with a new code after this time expires)

Input the 6 digit code and then click "Verify"

You will now be logged into CMS

Select "Manage Devices" from the right-hand side menu

Section 2. Deleting a 2FA CMS Device

Select "Manage Devices" from the right-hand side menu

From this screen you can;

*Edit your device name

*Delete your device (and then you will be provided with a button to add a new device)

*View the date the device was added

Deleting a device

Click on the "Trash Can" and confirm you wish to delete the device

Section 3. Adding a 2FA CMS Device

Adding a new device

Click on "Add Device"

Scan the QR code or manually enter the 16 digit code into your chosen Authenticator App

Enter your 6 digit code

Your new device is now added

Section 4. Verifying through Email
Enter your credentials (Email Address and Password) and then click "Log in"

Select "Verify by using Email"

You will then receive an email containing a 6 digit code

Enter the 6 digit and then click "Log in"

You will now be logged into CMS

Section 5. What to do if you lose your 2FA Device

Enter your credentials (Email Address and Password) and then click "Log in"

Click on "I've lost my authenticator device link

A message will appear for you to contact CrowdComms account manager. You will need to contact the support thread to have a CMS 2FA device reset

Section 6. Trust this computer for 30 days feature

Enter your credentials (Email Address and Password) and then click "Log in"

Check the "Trust this computer for 30days box

You will be prompted in 30 days to then re-verify your device

Section 7. Security Settings

On the security page, CMS users can now choose which level of security they want to set as the minimum for their app

Password Only - Users will be offered the choice to set up 2-factor authentication via an authenticator app, but it won't be required and they can skip it completely. There will be no option to verify via email. If users do connect an authenticator app, then they will be required to use that for subsequent log-ins.

Email Only - Users will be offered the choice to set up 2-factor authentication via an authenticator app, but it isn't required. If they choose not to, however, they will need to enter a code sent to them via email.

Authenticator Only - It will be mandatory for users to set up 2-factor authentication via an authenticator app, and they will be unable to log in without doing so.