Two Factor Authentication (TFA) enables all users in the account to add a one time password option to their login credentials. Logins making use of this feature will require a One-Time Password token app to be installed on their smartphone or tablet.
Two Factor Authentication affects the PCSM/Web Portal only. Access to the agent is by login and password only.
How to configure Two Factor Authentication
Two Factor Authentication must be configured by an Account Admin on their account before enabling it for the rest of the users in the account.
IMPORTANT: Additionally, it is recommended that there are more than one Account Admin user enabled in the account for recovery purposes, in case of a problem authenticating during the initial configuration, or in case of an issue with an authenticating device.
- Ensure you have a 2-Factor token generating app installed on your smartphone or tablet. An example of which would be one of the following apps:
- Google Authenticator (Android and iOS)
- Authy (Android and iOS)
- HDE OTP (iOS)
- Log into the PCSM web portal.
- Click the Setup tab and select My Info.
- Scroll down and click Enable Two Factor Authentication.
- This opens a QR code which you need to scan into your token generating app.
- Once you have scanned the code, enter the first two codes that are displayed on the device into the two token boxes.
- Once this is complete, a message will indicate that two factor authentication has been configured for this login.
- To test it has been configured correctly, log out and log back in. Once you have entered your Login and Password details, you will be prompted for your TOTP token.
Your users now have the option to enable TFA for their login but following the steps noted above. However, users will require at least Read-only access to the Accounts tab in the PCSM.
How to enable TFA for the Account
Two Factor Authentication can be made mandatory for all users logging into your account.
To do this:
- First, ensure you have Account Admin access.
- Next, login to the PCSM web portal.
- Click the Setup tab and select Account Settings.
- Under Access Control, switch Require Two-Factor Authentication to ON.
- Once enabled, all users will be forced to enable TFA for their login.