2-factor authentication is the process in which an additional piece of information is requested and required, along with your username and password, to sign in to your account.
In this article, we review how to enable 2-factor authentication with Google Authenticator. However, eFront supports two more methods of 2-factor authentication: email and SMS-based authentication. These are not mutually exclusive. For portals hosted by Epignosis, Email and Google Authenticator verification methods are enabled by default, while Twilio authentication can be activated by the administrator. All three methods can operate simultaneously, allowing end users to choose their preferred option.
Note: To enforce 2-factor authentication for administrator users and users mapped to administrator roles in on-premise eFront installations, you must be running eFront version 7.8.0 or later. Add ENFORCE_2FA=true to your .env file and restart your web server for the change to take effect. |
To use Google Authenticator, download the app on your smartphone or tablet device.
To set up Google Authenticator:
-
Sign in to your portal as an administrator and go to System settings (1).
-
Go to Security (2) > 2-factor authentication (3). Set Using a QR code service to Google Authenticator (4).
- Click Save (5) to confirm your changes.
Once enabled, users can visit their profile page to activate 2-factor authentication. To do this, they should:
-
Navigate to your profile (1) and select Account settings (2).
-
Select Enable 2-factor authentication link (3).
- In the new window, the user needs to set the Authentication type to Google Authenticator (5).
-
Scan the QR code (6) using the Google Authenticator app on their smartphone or tablet device, and add the provided code (7).
- Click Activate (8) when they're done.
The next time the user tries to sign in, they will be presented with an additional field to input the 6-digit code displayed on their smartphone or tablet device.