Enhanced Login Security
Smarticks Two-Factor Authentication functionality empowers businesses to safeguard user accounts with an additional layer of protection using Time-based One-Time Passwords (TOTP).
Technical Overview:
- TOTP Verification: This method utilizes time-synchronized one-time codes generated by a mobile authenticator app on your device. These codes change periodically, adding an extra security step beyond the traditional password.
- Supported Authenticator Apps: Leverage popular free apps like Google Authenticator (Android/iOS) to generate TOTP verification codes. While other apps might function, Smarticks cannot guarantee their compatibility.
Configuration:
- Individual User Enablement: Users can independently activate Two-Factor Authentication from their profile settings. The activation process involves three steps:
- Download and install a chosen authenticator app on your mobile device.
- Scan the QR code displayed within Smarticks settings using your authenticator app.
- Enter the initial verification code generated by your authenticator app to complete setup.
- Administrator Enforcement: Administrators can enforce mandatory Two-Factor Authentication for all users within “Manage > Settings > Two-Factor Auth.”
Recovery Codes:
- Offline Access Option: Generate and store recovery codes during the Two-Factor Authentication setup process. These unique codes can be used to gain access in case you lose your mobile device or cannot access your authenticator app.
Troubleshooting:
- Lost Mobile Device: If a user with enabled Two-Factor Authentication loses their mobile device and lacks recovery codes, the administrator can disable Two-Factor Authentication for that specific user within “Manage > Individuals.”
- Administrator Login Issues: If an administrator enables Two-Factor Authentication for their account and encounters login difficulties due to lost mobile device or missing recovery codes, they can submit a support ticket to disable the functionality.
By implementing Smarticks Two-Factor Authentication, businesses can significantly bolster login security and mitigate unauthorized access attempts.
