Two Factor Authentication (2FA)

Public

Overview

Two factor authentication (also known as 2FA) is a method of confirming a user's identity by using a combination of two components. PageUp offers our clients the ability to implement two factor authentication, increasing security by asking for an additional authentication factor and making it more difficult for others to gain unauthorised access to your PageUp account. PageUp predominantly supports two factor authentication by asking users to enter a security token in addition to their username and password.

Configuration

Enabling IP Restriction

To setup two factor authentication, you need to first enable restriction by Internet Protocol (IP) Address. Depending on which portal you are looking to implement the IP restriction and two factor authentication, add the allowed IPs to the respective features below:

  • Login subnet filtering (Admin system)
  • Login subnet filtering (Employee Self-Service)

Enforcing 2FA

To enable 2FA via token when users are outside of the subnets (specified in the features above), enable the System settings feature External subnet access.

To enforce 2FA for all login attempts, add a local IP that no user will ever be in.
Once enabled and a user tries to log in, they will receive the following message: You have attempted to access the system from outside an approved network. and will be asked to enter a token.

2fa-2017

Note

  • For Admin system - Users must have either a mobile number or email set up in their profile for 2FA to take effect.
  • For Employee Services - Users must have a mobile number set up in their profile for 2FA to take effect.

 

The user will then receive the security token via email and SMS.

PageUp Security Token email

Example SMS: 123456789 is your security token from PageUp People for access to the system. The token is valid for 10 minutes from the time of request, 5:02pm 29 Mar 2018.

In the event that a user enters the inforrect token, they will need trigger a new request for a token .The system will not send a new 2FA token when the token is entered incorrectly by a user.

 

Note: SMS charges apply as stipulated in the ASP Agreement

If you need any assistance in setting up this configuration, please contact PageUp.

Comments

0 comments

Article is closed for comments.