Two-Step Verification helps protect your account by adding an extra layer of security. Besides of the Password, the user will need to type in extra security info. Usually, it is a code generated by a third party tool as Google or Microsoft Authenticator, Amazon MFA (Multi-Factor Auth).
This article covers 3 fundamental points: Turning on, Configuring it and Using Two-Step Verification in CentreStack.
1. How Turn on Two-Step Verification?
The Cluster Admin, need to access the Cluster Manager and go to Cluster Control Panel / Settings / Cluster Settings. Here enable '' and Save the changes.
2. How to Configure Two-Step Verification?
Once the Two-Step Verification has been turned on, can be configured at multiple levels: Cluster Group Policies (affects the whole Cluster), Tenant Admin Group Policies (affect all Tenant users) and Role (only affects the particular users added to a Role). Always keep in mind that a change in higher level in the Policies overwrite the lowest levels.
- Enforce 2-Step Verification on users: All users that belong to the Tenant will be forced to use Two-Step Verification
- Disable 2-Step Verification: Disable Two-Step Verification for this particular Tenant scope
- Do NOT enforce 2-Step Verification on guest users: When enforce 2-step verification for all users, guest user is not required to use 2-step verification
- (Role) Enforce 2-Step Verification on users (Only users assigned to the Role with this policy enabled will be forced to use Two-Step Verification)
The Cluster Admin scope applies to the whole cluster, all users will follow this policy.
- Login web portal as Cluster Admin
- Go to Default Group Policy / Account & Login / User Account / 2-Step Verification
Tenant scope only affects the users that belong to the Tenant.
- Login web portal as the Tenant Admin
- Go to Group Policy / Account & Login / User Account / 2-Step Verification
The Role scope applies to all the users assigned to a specific Role.
- Login web portal as Tenant Admin
- Go to User Manager / Role Manager / Create a new Role / Policies tab / Enforce 2-Step Verification on users
3. How to Use Two-Step Verification?
When Two-Step Verification has been enabled, but it is not forced for the User, once the user logs into the web portal session, can enable it.
- Login web portal as a User
- Go to the User's menu at the top right / Two-Step Verification
Here, follow the steps:
Step 1: Use your app to scan the barcode, or use the secret key (
the backup email that will be used when authenticator doesn't work or not available
Also, User can enable Two-Step Verification for Desktop Clients or Mobile Applications.
When Two-Step Verification has been Enabled by the User, after the user enters the password to authenticates, the system will ask for the Security Code.
When Two-Step Verification has been Forced by the Admin, and the user hasn't configured from his side, the Two-Step Verification configuration will be prompted (shown above) when the user logs in web portal.