2 Step Verification

Overview

Two-factor authentication (2FA) or 2 Step verification requires a person to verify their identity in two unique ways to access a system. 2-Step Verification adds an additional layer of security to the users' accounts by actively involving the user in the process of ensuring their account's safety.

If a password has been compromised, the password alone isn't enough to log in to the account; the security key or OTP that is generated needs to be keyed in to gain access to the account. This effectively renders the compromised password useless.

Benefits of 2-Step Verification

  • Stronger security due to an additional layer for authentication
  • Reduced risk of compromised credentials
  • Compatibility with Single Sign On

With 2-Step Verification, you will sign in to your account in two steps.

Step 1 is something you know, for instance, your email id and password
Step 2 is something you have such as an access code delivered to your phone or another device

info

Note

MoEngage currently supports 2-Step Verification by apps such as Google Authenticator and Authy.

2FA Setup - Admin

To enable 2-Step Verification, access the settings on the MoEngage Dashboard.

info

Information

We have revamped our dashboard settings UI. The navigations for 2-Step verification in the old and revamped UIs are illustrated in the following images.


Revamped UI Old UI

Navigate to Settings -> Security -> 2-Step Verification in the MoEngage Dashboard.

Security_2StepVerification_RevampedUI.png

  1. Click Set up device.
  2. Download an authenticator app like Google Authenticator App or Authy.
    mceclip0.png
  3. Click +.
    mceclip1.png
  4. Click Scan barcode.
    mceclip2.png
  5. Scan the QR code and enter the authentication code to complete the setup.   
         
    DeviceAuthentication.png
    Once enabled, subsequent logins into the dashboard will require you to enter your second authentication.
info

Note

You can also download your recovery codes. Recovery codes are one-time backup codes that can be used to access your account. MoEngage provides a set of 10 recovery codes.

Enable 2-Step Verification for all Users

Toggle Enable to activate 2FA for all users.

Enable_for_Team_Mates.png

Once Enable toggle is turned on, the following screen appears.

Enable_2_Step_Verification_for_team.png

After confirmation, 2-Step Verification is enabled for all the user accounts in your teams. Select the Send email to your team to email all 2-Step Verification enabled accounts in the team. 

info

Note

  • Admins can enable and disable 2-Step Verification for all users and also make it mandatory for all users to have 2-Step Verification.
  • MoEngage recommends that admins enable 2-Step Verification for every user in the system.

Click the Report link below Enable to download details of all the team's accounts and see the status of 2-Step Verification for each account.

2FA Setup - User

  1. Once the admin/MoEngage has enabled 2-Step Verification, you see the following screen whenever you log in next.
  2. Enter your work email address.
    mceclip0.png
  3. Click Setup your device.
  4. Download any authenticator app - Google Authenticator App or Authy (or by searching for Google Authenticator on Android Play Store or iOS App Store). Scan the QR code and enter the 6-digit verification code to complete the setup.
    mceclip1.png
  5. All the subsequent logins to the dashboard require you to enter your second authentication.

2FA  Login - User

  1. The system routes you to an additional step after validating your email and password.
  2. Enter the verification code that is displayed on the authenticator app.

    Screenshot_2020-07-31_at_4.12.12_PM.png

2FA Setup - Authenticator

We recommend using Google Authenticator or Authy app for setting up 2 Step verification. You can download the Google Authenticator either from the App Store or through the following links.

Inability to setup 2FA - Authenticator

2 Step Verification may not have been enabled for your account. In such a case, you will see the following screen when you click on Settings >> 2-Step Verification

2StepVerification_NoAccess.png

Click Enable, and you'll see the following screen.

Request2StepVerification.png

Send a request to MoEngage to enable 2- Step verification for your account. Within a couple of hours of raising the request, 2-Step Verification will be enabled for your account.

Authentication Device Unavailable

In case of unavailability of your authentication devices, either due to loss or purchase of a new device, Click Enter 2-step recovery code and use one of the downloaded recovery codes (You would have downloaded a set of 10 one-time usable recovery codes when setting up 2-Step Verification). 

Screenshot_2020-07-31_at_4.15.10_PM.png

Unavailability of recovery codes

You can choose to receive the login link in your email account. Click the link in the email to reset your 2-Step Verification.

Screenshot_2020-07-31_at_4.17.08_PM.png

warning

Warning

You need to re-configure your device.

Troubleshooting Guide

If you are facing challenges with 2 Step Verification, perform the following steps and try again:

  • The 2FA code has a validity of 30 seconds. Hence, ensure that the device you are trying to access MoEngage from and the device the authenticator is installed on have the same timezone.
  • Clear the browser’s cookies & cache
  • MoEngage hosts each customer in a different datacenter. Ensure that you are using the correct URL for your workspace to login. You can find the correct login URL by referring to the DC and API endpoint mapping here.
  • If you are not receiving the email to reset your authenticator device, ensure that your administrative team has not blocked the MoEngage domain.

If you are still facing challenges after performing the above steps, reach out to support@moengage.com.

Was this article helpful?
3 out of 9 found this helpful

How can we improve this article?