Setting up two factor authentication 2FA
Two-factor authentication (2FA) is a mechanism that double checks your identity is legitimate. The intention is to provide stronger protection against unauthorised access to user accounts.
There are three different methods to enable two-factor authentication for your users. You can find a step-by-step guide for each below:
How do I set up 2FA at MAT level?
Please be aware that you can only set up two-factor authentication at MAT level if you are a MAT Admin user.
To enable federated login, you will need to configure the Domain Value and Domain Token of your chosen domain. To do this, you will need the assistance of an IT Administrator with access to the property or MAT domain (DNS).
Domain ownership change is also possible, which is useful when the administration of a particular property is moved from one trust to another.
Step One
Expand the Multi-Site menu at the top of your left-hand navigation bar, then go to MAT Admin and click on Main Settings.
Step Two
On the Main Settings page, scroll down until you find a checkbox marked 'Required 2FA'. If you would like to enable two-factor authentication for your MAT, this box should be ticked.
Step Three
You will then need to set up the federated login domain for your MAT. Do this by selecting the green 'Set Up Federated Login' button below your MAT Details.
Step Four
This will load a window prompting you to enter the domain name of the user accounts at this property. The domain name is whatever appears after the '@' symbol in all email addresses associated with your chosen property. One you have entered you chosen domain name, click 'Add'.
Step Five
Once the domain name has been added, it will appear in a table of domains below. Click the eye icon of your newly entered domain to view a window displaying its Domain Value and Domain Token.
How do I set up 2FA at property level?
Please be aware that you can only set up two-factor authentication at property level if you are an Admin user for this property.
To enable federated login, you will need to configure the Domain Value and Domain Token of your chosen domain. To do this, you will need the assistance of an IT Administrator with access to the property domain (DNS).
Domain ownership change is also possible, which is useful when the administration of a particular property is moved from one trust to another.
Step One
Go to the Admin page at the bottom of the left-hand navigation menu. At the top of the Admin page, find the blue 'Property Details' tab, and click this.
Step Two
At the bottom of the 'Property Details' section, you'll see a checkbox marked 'Requires 2FA'. If you would like to enable two-factor authentication across your property, make sure this is ticked.
Step Three
You will then need to set up the federated login domain for your property. Do this by selecting the green 'Set Up Federated Login' button below your Property Details.
Step Four
This will load a window prompting you to enter the domain name of the user accounts at this property. The domain name is whatever appears after the '@' symbol in all email addresses associated with your chosen property. One you have entered you chosen domain name, click 'Add'.
Step Five
Once the domain name has been added, it will appear in a table of domains below. Click the eye icon of your newly entered domain to view a window displaying its Domain Value and Domain Token.
How do I set up 2FA at user level?
Step One
Head to your name at top-right of your screen. Expand this menu and click 'My Account'.
Step Two
In the Account Details section, expand the panel titled 'Two-Factor Authentication' and then click the green 'Enable 2FA for User' button.
With this set up Every will, by default, generate a 6-digit code and send this to your email. You then need to enter this code within 30 seconds to confirm your identity when logging in. If this is how you would like your 2FA to be set up, then you can stop here.
However, if you wish to change this to use an authenticator app, please continue through the following steps.
Step Three
Download an appropriate authenticator app to your mobile device, such as Microsoft Authenticator or Google Authenticator.
Now click 'Configure Auth App' back on Every to bring up a QR code to scan into your authenticator app set up.
Step Four
The authenticator app will then provide you with a code to enter into the 'Verification Code' field to confirm the connection. Click 'Verify' to save your setup.
How can I advise my users to set up their own 2FA?
Once two-factor authentication has been enabled across your property or MAT, it is important that all your Every users set it up on their accounts.
We have created a step-by-step guide below which can be distributed to your staff to explain how to do this.