Empress Two-Factor Authentication: Enhanced Account Security

Introduction

In the contemporary business landscape, data security is paramount. Two-Factor Authentication (2FA) in Empress is a feature designed to bolster the security of your user accounts. This feature provides an additional layer of protection against unauthorized access by requiring a second form of verification during the login process.

Activating 2FA

To activate 2FA, you need to set a command in your Empress site. The command may look technical, but it simply tells the system to switch on this security feature.

Once 2FA is activated, you’re required to define your One-Time Password (OTP) validation method. There are two options to choose from:

  • OTP App: This method uses a Time-Based One-Time Password (TOTP) that can be generated by a soft or hard token.
  • Email/SMS: This method uses an HMAC-Based One-Time Password (HOTP) delivered via Email or SMS.

If you select the OTP App method, you’ll need to specify the expiry time for the QR Code on the server and the OTP Issuer Name.

By default, activating 2FA enables it for all users under the ‘All’ role, including the Administrator. You can limit 2FA to specific roles by unchecking the ‘Two Factor Authentication’ box under the ‘All’ role and enabling it for other roles. Note that 2FA does not apply to Web Users and API logins.

For the SMS authentication option, ensure your SMS settings are updated.

If you prefer Email authentication, make sure your outgoing Email account settings are updated.

First-Time Login with 2FA

When a user attempts to log in for the first time after 2FA activation and OTP App selection, an email containing a QR Code link is sent.

Scanning this QR Code with an authentication app, like Google Authenticator, registers user access and starts generating tokens for login.

If you choose Email/SMS as your method of authentication, notifications are also sent via the chosen method.

Troubleshooting

If you’re unable to log in even after following the entire process, remember that Empress uses the TOTP-based OTP algorithm, which relies on your device’s system time. Ensure the time setting on your device matches your Empress server’s time to avoid login issues.
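
To show why clock drift causes these login failures, here is an added example (not Empress code) that implements TOTP per RFC 6238 and measures how many time steps a submitted code is away from the server's clock. The 30-second step, the ±1 step acceptance window and the names `verify` and `matching_offset` are assumptions for illustration; the secret is the RFC test key and the timestamps are constructed.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP step (RFC 6238 default; assumed, not read from Empress)

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238: HOTP whose counter is the number of STEPs since the epoch."""
    return hotp(secret, unix_time // STEP, digits)

def matching_offset(secret: bytes, code: str, server_time: int, max_steps: int):
    """Return the step offset (device minus server) at which `code` is valid,
    searching outward from 0, or None if no step within max_steps matches."""
    current = server_time // STEP
    for d in sorted(range(-max_steps, max_steps + 1), key=abs):
        if current + d < 0:
            continue  # no time step exists before the epoch
        if hmac.compare_digest(hotp(secret, current + d, len(code)), code):
            return d
    return None

def verify(secret: bytes, code: str, server_time: int, window: int = 1) -> bool:
    """Login check: accept only codes within `window` steps of server time
    (window=1 is an assumed tolerance, not Empress's documented value)."""
    return matching_offset(secret, code, server_time, window) is not None

if __name__ == "__main__":
    secret = b"12345678901234567890"    # RFC 4226/6238 test secret, not a real key
    server_time = 160                    # constructed: server is in step 5
    for device_time in (160, 135, 59):   # in sync, 25 s behind, 101 s behind
        code = totp(secret, device_time)
        print(device_time, code, verify(secret, code, server_time),
              matching_offset(secret, code, server_time, 20))
```

A device 101 seconds behind produces a well-formed code that is rejected, and the wide search reports it as four steps stale. Use the wide search only to diagnose drift; the fix is to resynchronise the clocks, not to enlarge the acceptance window.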

Conclusion

Two-Factor Authentication (2FA) in Empress significantly enhances your business’s data security by adding an additional verification step during login. By leveraging this feature, you can provide an extra layer of protection for your data and maintain peace of mind about your business’s digital security. For further assistance or resources, consider reaching out to the Empress support team or community forums.