The 2-Factor Authentication Add-on provides user accounts with an extra level of security. It requires users to enter a 6-digit code from an authenticator app in addition to a password when logging in.
Enabling the Add-on
- Click on "Account & Settings" and then click on "Integrations & Add-ons".
- Use the search field on the right and enter "2-Factor Authentication".
- Click on "Enable" under the add-on's section.
General Settings
Once the add-on has been enabled, you can select which user account types will support 2FA by clicking on the "Manage" link. There are three types of user accounts that can support 2FA:
- Company Administrator
- Staff Employee Accounts
- Teacher Accounts
User Settings
After you've selected the user account types that will support 2FA, those users will be able to setup 2-Factor Authentication for their Teachworks account.
The employees will need to follow the steps below to setup 2FA:
- Click on Account & Settings (Account if it's a teacher) at the top-right and then clicking on 2FA Settings.
- Download an authenticator app on a mobile phone. Below you can find some popular options with a link to download them on Android of iOS phones:
- After downloading an authenticator app, you'll need to open the app and scan the QR code or enter the setup key that is provided on the 2-Factor Authentication settings page manually into the authenticator app.
- Your authenticator app will now be connected to your Teachworks account and provide you with a 6-digit code. Enter the code displayed on your phone into the 2FA Field and then click on the "Enable 2FA" button to complete the setup:
Usage
After setup has been complete and 2FA is enabled, when you log into your Teachworks account going forward you will now need to enter a 6-digit code which you can access from your authenticator app:
Recovery Codes
After the initial setup, you'll be able to download Recovery Codes. These codes will allow you to log back into your account in case your token device is lost, stolen, or unavailable.
In the case that you are unable to access your token device, you can click on the "Use Recovery Code" link on the login page where you enter the 6-digit code. You'll then be prompted to enter a recovery code from the "Download Recovery Codes" file:
Disabling 2-Factor Authentication
2-Factor Authentication can be disabled from your user account at anytime and there are multiple methods that can be used to disable it:
- The first method to disable 2FA is to click on the "Disable 2FA" button at the bottom of the Settings page. This will allow you to disable 2FA without resetting the authenticator app, so you'll be able to keep the same code.
- The second method to disable 2-Factor Authentication your user account is to click on the "Disable 2FA & Reset Credentials" button on the right-hand side of the Settings page. This method will disable 2FA as well as reset your credentials on the authenticator app, which means you'll need to setup the authenticator app again if you wish to enable it in the future.
- The final method can only be used by company administrators. The company administrator can click on Employees -> Employee List and view an employee's profile. In the "User Account" section, they'll be able to click on the "Disable 2FA" link to remove 2FA from an employee's account.
This method would be used if an employee loses access to their token device and doesn't have access to the Recovery Codes. The company admin can disable 2FA and the employee will then be able to login and setup 2FA again.
Comments
0 comments
Article is closed for comments.