Announcement

Collapse
No announcement yet.

support for multifactor authentication

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • CnP.LiveSupport.AB
    replied
    Hi fielding,
    There is not currently an option where you would have to verify both by email and by phone.
    And there is currently no option to force the user to use only one or the other - they can always use email, and if their user record has a mobile number, they can use the OneTouch/Authy method.

    Leave a comment:


  • fielding
    replied
    Hello,

    2FA and MFA are synonymous so we are discussing the same thing (https://www.nist.gov/itl/applied-cyb...authentication). The 2FA option is no longer greyed out as this was solved with your previous reply. I was seeking a way to require users to log in via the second method that requires two devices rather than the first which requires only one device. I agree the first method is secure and more convenient, but I view the latter as more secure. i don't see a method to require the two-device method, but if this an option please advise. Thank you!

    Leave a comment:


  • CnP.LiveSupport.AB
    replied
    fielding ,

    Could we get a screenshot of where you are referring to the multi-factor authentication in the user profile as having been 'greyed out'? The user profiles created in CONNECT do not refer to authentication, so I'm guessing you are seeing this somewhere else?

    And may we clarify what you mean by 'multi-factor authentication'?
    CONNECT requires that the user verify their identity either by
    1. sending a one-time verification code to their email, which they must then enter to login
    2. OR by connecting their mobile phone to the 'Authy' app. When a user attempts to login into CONNECT, and enters their mobile number - a message is sent to that user's 'approved' mobile number. They must approve this message within a time-limit through the Authy app, or they will not be able to login.
    We usually refer to this as 'two-factor authentication'.


    I'm concerned about your meaning, because this method is very secure - in order for someone to login they must have access to receive that person's email when they attempt to login or immediately respond from their mobile device. Generally we have more issues with customers finding this as more of a nuisance than the prior method of just using a password.

    Leave a comment:


  • fielding
    replied
    Thank you. It appears I can enable this second auth. method (via Authy app/mobile device) but that users still have a choice, so there is no way to require users to log in with strong 2FA (e.g., requiring a second device). Is that correct? Thanks.
    Last edited by fielding; 08-12-2021, 07:44 AM.

    Leave a comment:


  • CnP.Support.AM
    replied
    Good day fielding

    Here is the KB article: https://support.clickandpledge.com/s...t-how-to-login

    Please note that it wouldn't allow to edit until you provide the mobile number. Please make sure to enter the mobile number before you try to enable it.

    Please check and let us if you still see any issues.

    Leave a comment:


  • fielding
    started a topic support for multifactor authentication

    support for multifactor authentication

    Hello, does Connect support multifactor authentication? This is displayed as an option in my user profile but is 'greyed out' (value of 'disabled' can't be edited) and I see no supporting documentation on the platform or here.
Working...
X