Two-factor authentication (2FA), or 2-Step Verification, requires a person to verify their identity in two unique ways to access a system. 2-Step Verification adds an additional layer of security to users' accounts by actively involving the user in the process of ensuring their account's safety.
If a password has been compromised, the password alone isn't enough to log in to the account; the security key or OTP that is generated needs to be keyed in to gain access to the account. This effectively renders the compromised password useless.
Benefits of 2-Step Verification
- Stronger security due to an additional layer for authentication
- Reduced risk of compromised credentials
- Compatibility with Single Sign On
With 2-Step Verification, you will sign in to your account in two steps.
- Step 1 is something you know, for instance, your email ID and password.
- Step 2 is something you have, such as an access code delivered to your phone or another device.
MoEngage currently supports 2-Step Verification by apps such as Google Authenticator and Authy.
2FA Setup - Admin
To enable 2-Step Verification, access the settings on the MoEngage Dashboard.
We have revamped our dashboard settings UI. The navigations for 2-Step verification in the old and revamped UIs are illustrated in the following images.
Navigate to Settings -> Security -> 2-Step Verification in the MoEngage Dashboard.
Navigate to Settings >> Login settings >> 2-Step Verification.
- Click Set up device.
- Download an authenticator app like Google Authenticator App or Authy.
- Click +.
- Click Scan barcode.
- Scan the QR code and enter the authentication code to complete the setup.
Once enabled, subsequent logins into the dashboard will require you to enter your second authentication.
You can also download your recovery codes. Recovery codes are one-time backup codes that can be used to access your account. MoEngage provides a set of 10 recovery codes.
Enable 2-Step Verification for all Users
Toggle Enable to activate 2FA for all users.
Once the Enable toggle is turned on, the following screen appears.
After confirmation, 2-Step Verification is enabled for all the user accounts in your teams. Select the Send email to your team option to email all 2-Step Verification enabled accounts in the team.
Click the Report link below Enable to download details of all the team's accounts and see the status of 2-Step Verification for each account.
2FA Setup - User
- Once the admin/MoEngage has enabled 2-Step Verification, you see the following screen whenever you log in next.
- Enter your work email address.
- Click Setup your device.
- Download an authenticator app such as Google Authenticator or Authy (for example, by searching for Google Authenticator on the Android Play Store or the iOS App Store). Scan the QR code and enter the 6-digit verification code to complete the setup.
- All the subsequent logins to the dashboard require you to enter your second authentication.
2FA Login - User
- The system routes you to an additional step after validating your email and password.
- Enter the verification code that is displayed on the authenticator app.
2FA Setup - Authenticator
Inability to setup 2FA - Authenticator
2-Step Verification may not have been enabled for your account. In such a case, you will see the following screen when you click on Settings >> 2-Step Verification.
Click Enable, and you'll see the following screen.
Send a request to MoEngage to enable 2-Step Verification for your account. Within a couple of hours of raising the request, 2-Step Verification will be enabled for your account.
Authentication Device Unavailable
If your authentication device is unavailable, either due to loss or the purchase of a new device, click Enter 2-step recovery code and use one of the downloaded recovery codes. (You would have downloaded a set of 10 one-time usable recovery codes when setting up 2-Step Verification.)
Unavailability of recovery codes
You can choose to receive the login link in your email account. Click the link in the email to reset your 2-Step Verification.
You need to re-configure your device.
If you are facing challenges with 2-Step Verification, perform the following steps and try again:
- The 2FA code has a validity of 30 seconds. Hence, ensure that the device you are trying to access MoEngage from and the device the authenticator is installed on have the same timezone.
- Clear the browser’s cookies and cache.
- MoEngage hosts each customer in a different datacenter. Ensure that you are using the correct URL for your application to log in. You can find the correct login URL by referring to the DC and API endpoint mapping here.
- If you are not receiving the email to reset your authenticator device, ensure that your administrative team has not blocked the MoEngage domain.
If you are still facing challenges after performing the above steps, reach out to email@example.com.
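The 30-second validity mentioned in the troubleshooting steps comes from how authenticator apps derive codes from the current time. The following is an added example, not MoEngage's code: it assumes the standard TOTP algorithm (RFC 6238, HMAC-SHA1) that Google Authenticator implements, and the server-side tolerance of one 30-second step is an assumption. It shows why a device whose clock is off by an hour (for example, a manually set time under the wrong timezone) produces codes that are rejected.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds a code stays valid, as stated on this page
DIGITS = 6   # code length, as stated on this page


def totp(secret: bytes, unix_time: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, computed from Unix time (UTC seconds)."""
    counter = int(unix_time // step)                 # index of the current 30 s window
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, code: str, server_time: float, drift_steps: int = 1) -> bool:
    """Accept codes from the current window and +/- drift_steps neighbours.
    The tolerance is an assumption; the page does not state the server's window."""
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, server_time + delta * STEP)
        if hmac.compare_digest(expected, code):      # constant-time comparison
            return True
    return False


def demo() -> dict:
    """Codes generated by devices with different clock errors, checked by one server."""
    secret = b"12345678901234567890"   # constructed: the RFC 6238 test key
    server_time = 1111111111           # constructed: an RFC 6238 test timestamp
    results = {}
    for label, skew in [("in sync", 0), ("20 s slow", -20), ("1 h fast", 3600)]:
        code = totp(secret, server_time + skew)      # what the phone would display
        results[label] = (code, verify(secret, code, server_time))
    return results


if __name__ == "__main__":
    for label, (code, accepted) in demo().items():
        print(f"{label:10s} code={code} accepted={accepted}")
```

If codes are rejected consistently, enabling automatic network time on both devices is the quickest way to bring their clocks back into agreement.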