Two-Factor Authentication (2FA) works by adding an additional layer of security preventing unauthorize use of the account once the feature is activated. This extra security measure requires the user to verify their identity using a randomized 6-digit code from an authenticator application installed on their mobile phone.
How to activate 2FA?
- Login to FocalScope using your Organization Administrator credentials
- Select Screen > Administrator
- User Access Control > Users
- Select the user to activate 2FA from Right pane
- Select 2-factor auth > Request registration
2FA Enabled User Registration Experience
- Users are required to download Google Authenticator / Okta Verify or similar authenticator app on their mobile phone
- Upon the feature activation, FocalScope will prompt QR code for 2FA registration during initial login.
- Users will need to use the app on the mobile phone to scan the QR code and enter the code into FocalScope.
- Scanning the QR code is a 1 time process unless the 2FA registration reset carried out. This usually happens if user changed their mobile devices used for initial 2FA registration.
2FA Enabled User Login Experience (After Registration)
- User will still need to login using their credentials
- Upon successful authentication with their login credentials, they will be prompted to enter verification code (2nd Factor Authentication)
- The verification code must be obtained from the authenticator app used during registration
- A range of user accounts can be selected by using Shift+Mouse
- Select multiple user accounts by using Ctrl+Mouse
- Current status of 2FA for a user account is displayed in the `2-factor auth` column
- Use "Request registration" command to enable or reset the 2FA for a user account