Setting up and Using 2 Factor Authentication
Introduction
Two-factor authentication (2FA) is an electronic authentication method in which a user is granted access to a website or application (in this case usmart.io) only after successfully presenting two pieces of evidence (factors) to the uSmart authentication mechanism. The 2FA is comprised of: 1) user name and password 2) a 6 digit code supplied via the users mobile phone or google authenticator application.
Organisation Setup
When enabled for your organisation 2FA is a mandatory component for all administrator users. It is not currently a mandatory component for logging into uSmart for all other users types. It is currently a decision of the administrator(s) for an organisation to assign 2FA for other users. To have 2FA enabled for your organisation please get in touch.
Once 2FA is enabled for your organisation existing Admin users won’t have 2FA enabled right away, Navigate to the Main Management Page and click the blue 2FA icon next to the delete icon
Next time that user logs in they will go through the 2FA setup flow
If a user requires their 2FA to be reset, where a user has lost a device or is having issues with one of the methods, or you believe the users 2FA process has been compromised.
Ensure the user is genuine and this is not an attack vector
Navigate to the Main Management page to reset 2FA
A user cannot reset their own 2FA
The orange 2FA icon represents an active 2FA, clicking the orange button will reset the 2FA process for that user.
The blue 2FA icon represents a user awaiting 2FA setup, we would suggest you encourage users not to leave the 2FA setup process unresolved for long.
User Setup
Once 2FA is enabled for your account
Step 1
Provide your email address and password as normal on every login.
Â
Step 2
Each user will have the choice of using the Google Authenticator App or providing their mobile phone number
Authenticator
Step 3a
When selecting this option a QR code and token (setup key) will be displayed on the uSmart user interface after the user has provided their user name and password. Once the user has scanned the QR code into their chosen authenticator application and copied the token to a safe place then the authenticator should provide a 6 digit code to complete setup and log in to the application.
Step 4a
Future Logins will be simpler in that after Step 1 the user will be progressed straight to Step 4a where they provide the code from their authenticator application.
If you have lost access to your device or authenticator application you can reset your 2FA process by contacting your uSmart administrator.
SMS
Step 3b
When selecting this option the user must provide their mobile phone number to enable the text message to be sent. it is important that you include the country code of your phone number.
Step 4b
Await the text message with your passcode and fill in the following screen to complete setup.
If you do not complete setup withing a few minutes you may have to resend a code and a button will appear after 30 seconds to enable this.
Step 4c
Future Logins will be simpler in that after Step 1 the user will be progressed straight to Step 4b where they provide the SMS code. A user can update their number from the profile screen. If you want to change your authentication method or are having issues with your login contact your uSmart administrator who can reset your 2FA