Redirecting to default login.. Two-factor authentication (2FA)
  1. Home
  2. Access and Setup
  3. Two-factor authentication (2FA)
Searching...

Two-factor authentication (2FA)

Contents

Overview

Two-factor or multi-factor authentication (2FA or MFA) is a pillar of the ALTA best practices. It requires the user to enter something that they know (e.g., a password) and something they have (e.g. a 6-digit number that changes). The Resware website supports 2FA; the Resware windows interface does not support 2FA. The 2FA method that Resware currently supports is using an authentication app, such as Google Authenticator.

This demonstrates how to set up and use two-factor authentication.

Version history

VersionDateMantisDescription
9.7.809.9.293/13/202018549Functionality available

Internal user roles

Admin>Internal User>Roles

The following internal user roles are available and typically given to users that will administer two-factor authentication methods.

  • In the General Access Roles area, enable the Admin: ResWare Options and Admin: Two Factor Authentication Methods roles.

Note: Both roles are enabled for those in the Administrator internal user role group by default.

2FA Setup

Admin>General Setup>Two Factor Authentication Methods

  • Check Enabled to use the two-factor authentication functionality in Resware. Note: This is enabled by default.
  • Enter an identifying name as the Issuer. The issuer name and the partner/consumer username will appear in the authenticator application and be used to identify the code generated.

Resware options

Admin>General Setup>ResWare Options>Website

This is used to set defaults for using 2FA and updating all users to use 2FA.

  • Check Default Partner Employees to Using 2FA to require all new partner employees and consumers to use 2FA.
  • Click Update All Users to Use 2FA to require all existing partner employees and consumers to use the 2FA button. Note: This button will only be enabled if the above checkbox is enabled.

Partner employees

Admin>Partners>Edit Employee

Partner employee 2FA settings can be enabled, disabled, and reset individually. If the Resware option Default Partner Employees to Using 2FA is enabled in the previous step, the employee’s 2FA setting will be enabled by default.

  • In the Website Access area, check Use 2FAto enable and require the employee to use 2FA on the website. Note: The next time they log into the website, they will be required to configure 2FA.
    • If this is left unchecked, the employee still has the ability to enable 2FA by clicking My Account on the website. If 2FA is currently configured for an employee, the Reset 2FA button will be enabled. Clicking this button and saving will reset the 2FA setup for the employee.
  • In the Website Access area, click Reset 2FAto reset the 2FA configuration and:
    • If the Use 2FA checkbox is enabled or if not, by checking the Use 2FA checkbox, the employee will be required to configure 2FA upon successfully logging into the website. 
    • If the Use 2FA checkbox is disabled or if not, by unchecking the Use 2FA checkbox, the employee will not be required to configure 2FA when logging into the website.

Website

When 2FA is required and needs to be configured, a partner employee will be directed to the My Account panel upon successful login to the website.

  • In the 2-Factor Authentication area, the Method defaults as Authentication App in the drop-down menu. This is the only available option at this time.
  • Click Begin Setup.
  • Select the applicable link to download the Google Authenticator or another TOTP authenticator app using a smartphone.
  • Once the authenticator is installed, login to the website to return to the My Account panel and click Begin Setup. Click Next, Next, Next.
  • Scan the barcode using the authenticator app.
  • Enter the verification code generated, then click Verify. If the success message is received, then click Next.

When 2FA is configured for an employee, the validation code prompt will be requested immediately after the employee logs into the website.

If Remember this computer is checked, then a code will not be requested on a known device upon every login.

When 2FA is not required, an employee can click Enable and complete the above steps to configure two-factor authentication. Disabling the two-factor authentication to a user can only be done by an administrator in Resware.

Consumers

Admin>Consumers>Edit Consumer

This can enable, disable, and reset 2FA for a consumer. See the partner employee section above for details on the new Use 2FA checkbox and Reset 2FA button.

Website

When 2FA is required and needs to be configured, a consumer will be directed to the My Account panel upon successful login to the website. Set up and use are the same as the steps shown above in the partner website section.

Updated on January 5, 2022

Need Support?

Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support

Submit a Support Request