Two Factor Authentication for Front End Use
Setting up 2FA for Your App
You can now choose between further security options for your events. These extra options are only available for private and secure platforms that require login.
Security options are as follows:
This is the login process as you currently know it, with no changes. Users will not be given the option to set up 2FA during the login process.
After going through the standard process of inputting their email and password, users will be given the option to set up a 2FA device at login, but it is not compulsory. They can opt for 'ask me later' if they don't want to do it at that moment, or they can select 'don't ask me again' in which cse this screen will never appear again when logging into the app.
For setting up a device, please see the option for usng an authentication app below.
This option means that 2FA is required, however front-end users can choose between an authentication app, or verification via a code being sent to their email.
If they choose to receive a code, then a 6-digit code will be sent to their email which they will need to input before proceeding:
N.B. They have the option to turst the device for 30 days, to save doing this on each login should they wish.
If they chose an authentication app, then please see the steps below for using an authenticator app
It will be mandatory for users to set up an 2FA via an authenticator app in order to log in. As soon as their email and password have been input, they will be presented with this screen:
Once you have either scanned the QR code or entered the 16 digit number manually, you will then be provided with a 6 digit one time code to enter into the next screen on the App.
N.B. The 6 digit code is valid for 60 seconds (Your authenticator App will issue a new code after this time has expired)
As with email verification
Most people will be familiar with Authentication apps, but for anyoe who hasn't used oe before, you can point them in the direction of these common ones:
- Microsoft Authenticator
- Google Authentictor
Managing Your Devices
On the front end, you can have more than one device for authentication. To manage your devices you need to go to the top-right profile menu and click 'my account'.
There you can:
- Edit your device name
- Add or Remove a device
- View when a device was added to the account
If a delegate loses their authentication device, they will need to contact you as the event organiser to reset it for them.
To do this, you just need to find their profile in the people library, and then scroll down all the way to the bottom and click ‘reset authenticator devices’. This will remove the attached device from their account and allow them to set one up again from scratch.
- If a passcode has been added to your app, this comes after everything as the very last step.
- SSO overrides everything as it already requires verification via a third party