Overview
Two-factor authentication (2FA) or 2 Step verification requires a person to verify their identity in two unique ways to access a system. 2-Step Verification adds an additional layer of security to the users' accounts by actively involving the user in the process of ensuring their account's safety.
If a password has been compromised, the password alone isn't enough to log in to the account; the security key or OTP that is generated needs to be keyed in to gain access to the account. This effectively renders the compromised password useless.
Benefits of 2-Step Verification
- Stronger security due to an additional layer for authentication
- Reduced risk of compromised credentials
- Compatibility with Single Sign On
With 2-Step Verification, you will sign in to your account in two steps.
Step 1 is something you know, for instance, your email id and password
Step 2 is something you have such as an access code delivered to your phone or another device
| info |
Note MoEngage currently supports 2-Step Verification by apps such as Google Authenticator and Authy. |
2FA Setup - Admin
To enable 2-Step Verification
- Navigate to Settings >> Login settings >> 2-Step Verification.
- Click Set up device.
- Download an authenticator app like Google Authenticator App or Authy.
- Click +.
- Click Scan barcode.
- Scan the QR code and enter the authentication code to complete the setup.
Once enabled, subsequent logins into the dashboard will require you to enter your second authentication.
| info |
Note You can also download your recovery codes. Recovery codes are one-time backup codes that can be used to access your account. MoEngage provides a set of 10 recovery codes. |
Enable 2-Step Verification for all Users
Toggle Enable to activate 2FA for all users.
Once Enable toggle is turned on, the following screen appears.
After confirmation, 2-Step Verification is enabled for all the user accounts in your teams. Select the Send email to your team to email all 2-Step Verification enabled accounts in the team.
| info |
Note
|
Click the Report link below Enable to download details of all the team's accounts and see the status of 2-Step Verification for each account.
2FA Setup - User
- Once the admin/MoEngage has enabled 2-Step Verification, you see the following screen whenever you log in next.
- Enter your work email address.
- Click Setup your device.
- Download any authenticator app - Google Authenticator App or Authy (or by searching for Google Authenticator on Android Play Store or iOS App Store). Scan the QR code and enter the 6-digit verification code to complete the setup.
- All the subsequent logins to the dashboard require you to enter your second authentication.
2FA Login - User
- The system routes you to an additional step after validating your email and password.
- Enter the verification code that is displayed on the authenticator app.
2FA Setup - Authenticator
We recommend using Google Authenticator or Authy app for setting up 2 Step verification. You can download the Google Authenticator either from the App Store or through the following links.
Inability to setup 2FA - Authenticator
2 Step Verification may not have been enabled for your account. In such a case, you will see the following screen when you click on Settings >> 2-Step Verification
Click Enable, and you'll see the following screen.
Send a request to MoEngage to enable 2- Step verification for your account. Within a couple of hours of raising the request, 2-Step Verification will be enabled for your account.
Authentication Device Unavailable
In case of unavailability of your authentication devices, either due to loss or purchase of a new device, Click Enter 2-step recovery code and use one of the downloaded recovery codes (You would have downloaded a set of 10 one-time usable recovery codes when setting up 2-Step Verification).
Unavailability of recovery codes
You can choose to receive the login link in your email account. Click the link in the email to reset your 2-Step Verification.
| warning |
Warning You need to re-configure your device. |