Two Factor Authentication for CMS Use
Setting Up 2FA
This2FA pagecan be enabled either by an authentication app or by getting a verification code sent to your email address.
N.B. If it is splityour intofirst 8time sections;
Section 1. Enabling 2FA in CMS
sinceSection 2. Deleting a 2FAthe CMSDevicethe - roll
maySectionout3.ofAddingmulti-factoraauthentication,2FAthenCMSyouDevice Section 4. Verifying through EmailSection 5. Whatneed todo if you loseclose your2FAbrowser,DeviceSection 6. Trust this computer for 30 days featureSection 7. Security SettingsSection 8. How a CC Staff Member can reset a clients device for FrontEnd through CMS
Section. 1
Enabling 2FA in CMS
Load CMSEnter your credentials (Email Address and Password)re-launch and thenclickclear"Logyourin"cache
AWhen choice of eitherfirst setting up a2FA device now or have a code emailed to you, for now,you will appearbe aspresented shownwith below
Enabling 2FA Route; screen:
If you choose to use an authentication app then please select ‘enable’. This gives better protection as it requires the use of 2 devices. If you however would rather verify by email, you can as this is still an additional layer of security.
To set up using an authentication app:
Scan the QR code or manually enter the 16 digit code (sometimes referred to as a KEY) using your Authenticator App on your personal device
Common Authenticator Apps;
AuthyMicrosoft AuthenticatorGoogle AuthenticatorLastPassOTP
Once you have either scanned the QR code or entered the 16 digit code manually, you will then be provided with a 6 digit ONE TIME ONLY code to enter
*Note;N.B The 6 digit code is only valid for 60 seconds (Your Authenticator App will provide you with a new code after this time expires) .
If you are unfamiliar with authentication apps, then here are some common ones you can use:
- Authy
- Microsoft Authenticator
- Google Authenticator
- LastPass
- OTP
Input the 6 digit code and then click "Verify"
You will now be logged into the CMS
SelectEmail "ManageVerification
If Devices"you fromopt for email verification, a 6 digit code will be sent to the right-handemail sideaddress menu associated with your CMS account.
Section
N.B. 2.For both routes, you have the option to ‘trust this computer for 30 days’ to save you verifying every time if you don’t want to.
DeletingHow ato 2FAManage your CMS Device
Select "Manage Devices" fromIn the right-top-right hand sideprofile menu
From this screen you can;
*Edit your device name
*Delete your device (and thenmenu you will besee providedthe withoption to ‘manage devices’. Here you will see a buttondevice if you chose to adduse aan newauthentication device)
*ViewYou can click the datepencil theto re-name it so you know exactly what device wasyou added used if helpful.
DeletingN.B. You can only have one authentication device at a device
Clickfor onCMS access, so if you want to change devices, you will need to click the "Trashtrash Can"can andto confirmremove the first one. Once you wishhave no devices, you will see the option to delete‘add thedevice’. device
Section 3.Adding a 2FA CMS Device
Adding a new device
Click on "Add Device"
Scan the QR code or manually enter the 16 digit code into your chosen Authenticator App
Enter your 6 digit code
Your new device is now added
Section 4.Verifying through EmailEnter your credentials (Email Address and Password) and then click "Log in"
Select "Verify by using Email"
YouThis will thenreceivetakeanyouemail containing a 6 digit code
Enterthrough the6previousdigitprocessandtothensetclickup"Log in"
You will now be logged into CMS
Section 5.What to do ifIf you lose your2FA Device
Enter your credentials (Email Address and Password) and then click "Log in"
Click on "I've lost my authenticator device link
A message will appear fordevice, youto contact CrowdComms account manager. Youwill need to contacttheyoursupportdesignatedthreadmembertoofhaveourateamCMSas2FAonlydeviceCrowdComms staff can reset
Section 6. Trust this computer for 30you. days feature
Enter your credentials (Email Address and Password) and then click "Log in"
Check the "Trust this computer for 30days box
You will be prompted into 30do daysthis by the system anyway if you select this option when trying to login. We will then re-verifyreset your device
Section 7.Security Settings
On the security page, CMS users can now choose which level of security they want to set as the minimumit for their app
Password Only - Users will be offered the choice to set up 2-factor authentication via an authenticator app, but it won't be required and they can skip it completely. There will be no option to verify via email. If users do connect an authenticator app, then they will be required to use that for subsequent log-ins.
Email Only - Users will be offered the choice to set up 2-factor authentication via an authenticator app, but it isn't required. If they choose not to, however, they will need to enter a code sent to them via email.
Authenticator Only - It will be mandatory for users to set up 2-factor authentication via an authenticator app, and they will be unable to log in without doing so.
Section 8. How to reset devices for delegatesLog into CMS with your credentials
Enter your verification code from the authenticator app
Select your App
Click on "Libraries" and then "People" module
Search for the person who needs their device reset and click "Edit"
Scroll to the bottom of the persons profile to the "Settings" section
Click on "Reset Authenticator Device"
