This article shows how new admin users can use Two-Factor Authentication to verify user accounts.
Two-Factor Authentication (2FA) is a new feature which is currently in beta for new organisations only. Please contact your Timescapes representative if you would like to enquire about 2FA.
Current Access to Two-Factor Authentication:
- For new organizations, Mandatory MFA can be enforced for all users accessing the organization.
- NB: this must be enabled before inviting any Users. It currently cannot be enabled afterwards, though this will change in the future.
- Any individual user can opt-into MFA if they wish.
Resetting Users’ Accounts with Two-Factor Authentication enabled
If a user loses their authentication device, i.e. their mobile phone, it is important to reset the code with a new trusted device. To prompt the user to reset their 2FA, follow these steps:
- Verify the request is truly coming from the user. This can be done by confirming they asking on a verified / trusted communication channel, or asking them to confirm on an internal communication channel. If you suspect email communications have been compromised, send them the reset once email passwords have been reset.
- Log in to Timescapes, and navigate to the Users Tab
- Click the three dots beside the user’s name and choose ‘Reset Two Factor Auth’
- This will send them a prompt to reset their 2FA to their email inbox.
