Two-Step Verification helps protect your account by adding an extra layer of security. Besides of the Password, the user will need to type in extra security info. Usually, it is a code generated by a third party tool as Google, Microsoft Authenticator or Amazon MFA (Multi-Factor Auth).
This article covers 3 fundamental points: Turning on, Configuring it and Using Two-Step Verification in CentreStack.
1. How Turn on Two-Step Verification?
The Cluster Admin, need to access the Cluster Manager and go to Cluster Control Panel / Settings / Cluster Settings. Here enable '' and Save the changes
2. How to Configure Two-Step Verification?
Once the Two-Step Verification has been turned on, can be configured at multiple levels: Cluster Group Policies (affects the whole Cluster), Tenant Admin Group Policies (affect all Tenant users) and Role (only affects the particular users added to a Role). Always keep in mind that a change in higher level in the Policies overwrite the lowest levels.
For more details about the 2-Step Verification Settings, visit the Administration Guide.
The Cluster Admin scope applies to the whole cluster, all users will follow this policy.
- Login web portal as Cluster Admin
- Go to Default Group Policy / Account & Login / User Account / 2-Step Verification
Tenant scope only affects the users that belong to the Tenant.
- Login web portal as the Tenant Admin
- Go to Group Policy / Account & Login / User Account / 2-Step Verification
The Role scope applies to all the users assigned to a specific Role.
- Login web portal as Tenant Admin
- Go to User Manager / Role Manager / Create a new Role / Policies tab / Enforce 2-Step Verification on users
3. How to Use Two-Step Verification?
When Two-Step Verification has been enabled, but it is not forced for the User, once the user logs into the web portal session, can enable it.
- Login web portal as a User
- Go to the User's Menu at the top right / Two-Step Verification
Once enabled, follow the steps:
Step 1: Use your app to scan the barcode, or use the secret key (
the backup email that will be used when authenticator doesn't work or is not available
Step 4: Enable (if desired) Two-Step Verification for Desktop Clients or Mobile Applications
When Two-Step Verification has been Enabled by the User, after the user enters the password to authenticates, the system will ask for the Security Code
When Two-Step Verification has been Forced by the Admin, and the user hasn't configured from his side, the Two-Step Verification configuration will be prompted (shown above) when the user logs in web portal.