2-factor authentication is the process where an additional piece of information is requested along with your username and password, and it is required in order to sign into your account.

In this article we review how to enable 2-factor authentication with Twilio SMS Service, but eFront supports two more methods of 2-factor authentication, email, and Google Authenticator. These are not mutually exclusive. They can run side by side and, if all three services are activated by the administrator, the end user will be able to select their preferred one.

Twilio is a subscription-based SMS service that allows for easy 2-factor authentication. In order to set it up, you should first set up a Twilio account. Before you proceed, have in mind that to use this function you will need to buy a new number with the capability to send SMS messages. If the SMS capability is not available in a user's country, then you can choose any country offering a number with SMS instead. For information on this, please have a look at this Twilio's support article.

1. Visit Twilio and create a user account.
2. As soon as you sign in, you will be redirected to your Twilio Dashboard (console). Save your ACCOUNT SID (1) and AUTH TOKEN (2) values for later use.
3. Expand Phone numbers (3), Manage (4), and select Buy a number (5).
4. From the list of available numbers, select your preferred one and click Buy (6) to confirm. Make sure to select a number with SMS capabilities.
5. Sign in to your eFront portal as administrator.
6. Go to System settings (7) > Security (8) > 2-factor authentication (9).
7. Set Using an SMS to Twilio (10).
8. In the Service SID (11) box, add the value of ACCOUNT SID (1) saved from your Twilio page earlier.
9. Similarly, use the value of AUTH TOKEN (2) in the Service Key (12) box.
10. Add the phone number you purchased, without any spaces or dashes (for example, +1234567890) in the Service phone (13).
11. Save changes (14).

Once enabled, users can visit their profile page to activate 2-factor authentication. To do this, they should:

1. Expand the right drop down menu (1) and select My account (2).
2. Change to Profile (3) and click on the Enable 2-factor authentication link (4).
3. In the new window that will appear, the user needs to set the Authentication type to SMS (5).
4. Fill in their phone number (including the country code) in Phone number (6) and click Send verification code (7).
5. Lastly, they need to enter the verification number received to complete the process.

The next time the user tries to sign in, they will be presented with an additional field to input the 6-digit code sent as an SMS to their phone number.