2-factor authentication is the process in which an additional piece of information is requested and required, along with your username and password, to sign in to your account.
In this article, we review how to enable 2-factor authentication with the Twilio SMS Service. However, eFront supports two more methods of 2-factor authentication: email and Google Authenticator. These are not mutually exclusive. They can run side by side and, if all three services are activated by the administrator, the end user will be able to select their preferred one.
Twilio is a subscription-based SMS service that allows for easy 2-factor authentication. To set it up, you should first create a Twilio account. Before you proceed, keep in mind that to use this function, you’ll need to buy a new number with the capability to send SMS messages. If the SMS capability is not available in a user's country, then you can choose any country offering a number with SMS instead. For more information, please have a look at this Twilio support article.
To set up 2-factor authentication with Twilio:
- Visit Twilio and create a user account.
- As soon as you sign in, you'll be redirected to your Twilio Dashboard (console). Save your ACCOUNT SID (1) and AUTH TOKEN (2) values for later use.
- Expand Phone numbers (3), click Manage (4), and select Buy a number (5).
- From the list of available numbers, select your preferred one and click Buy (6) to confirm. Make sure to select a number with SMS capabilities.
- Sign in to your eFront portal as an Administrator.
- Go to System settings (7) > Security (8) > 2-factor authentication (9).
- Set the Using an SMS option to Twilio (10).
- In the Service SID (11) box, add the value of ACCOUNT SID (1) saved from your Twilio page earlier.
- Similarly, use the value of AUTH TOKEN (2) in the Service Key (12) box.
- Add the phone number you've purchased, without any spaces or dashes (for example, +1234567890), in the Service phone (13) box.
- Click Save to confirm your changes (14).
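A pre-flight check for the three values entered in the steps above, as an added example that is not part of eFront's or Twilio's own code. It assumes the Twilio Account SID format (AC plus 32 hexadecimal characters) and the shape of Twilio's IncomingPhoneNumbers list response; the sample response, SID and token are constructed placeholders, and `normalize_phone` and `check_settings` are hypothetical helper names.

```python
import json
import re

# Constructed sample, shaped like Twilio's IncomingPhoneNumbers list response
# (GET /2010-04-01/Accounts/{AccountSid}/IncomingPhoneNumbers.json); not real data.
SAMPLE_RESPONSE = json.dumps({"incoming_phone_numbers": [
    {"phone_number": "+1234567890", "capabilities": {"voice": True, "sms": True, "mms": False}},
    {"phone_number": "+1234567891", "capabilities": {"voice": True, "sms": False, "mms": False}},
]})

ACCOUNT_SID_RE = re.compile(r"AC[0-9a-fA-F]{32}")  # "AC" + 32 hex characters
E164_RE = re.compile(r"\+[1-9][0-9]{6,14}")         # leading "+", digits only, at most 15 digits


def normalize_phone(raw):
    """Strip the spaces, dashes, dots and parentheses the Service phone box must not contain."""
    phone = re.sub(r"[\s\-().]", "", raw)
    if not E164_RE.fullmatch(phone):
        raise ValueError(f"not a +<country code><number> value: {raw!r}")
    return phone


def check_settings(account_sid, auth_token, service_phone, numbers_json):
    """Return (normalized phone or None, list of problems) for the three eFront fields."""
    problems = []
    if not ACCOUNT_SID_RE.fullmatch(account_sid):
        problems.append("Service SID is not an Account SID (AC + 32 hex characters)")
    if not auth_token or auth_token != auth_token.strip():
        problems.append("Service Key is empty or has leading/trailing whitespace")
    try:
        phone = normalize_phone(service_phone)
    except ValueError as exc:
        return None, problems + [str(exc)]
    owned = {n["phone_number"]: n.get("capabilities", {})
             for n in json.loads(numbers_json)["incoming_phone_numbers"]}
    if phone not in owned:
        problems.append(f"{phone} is not a number on this Twilio account")
    elif not owned[phone].get("sms"):
        problems.append(f"{phone} has no SMS capability")
    return phone, problems


if __name__ == "__main__":
    sid = "AC" + "0" * 32  # constructed placeholder, not a real SID
    print(check_settings(sid, "placeholder-token", "+1 234-567-890", SAMPLE_RESPONSE))
```

The AUTH TOKEN grants API access to the Twilio account, so when adapting this check, read it from a secrets store or environment variable rather than writing it into a script or ticket.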
Once enabled, users can visit their profile page to activate 2-factor authentication. To do this, they should:
- Expand the right drop-down menu (1) and select My account (2).
- Change to Profile (3) and click the Enable 2-factor authentication link (4).
- In the new window, the user needs to set the Authentication type to SMS (5).
- Fill in their phone number (including the country code) in Phone number (6) and click Send verification code (7).
- Lastly, they need to enter the verification code they've received to complete the process.
The next time the user tries to sign in, they will be presented with an additional field to input the 6-digit code sent as an SMS to their phone number.