Two-factor authentication

Introduction

Two-factor authentication is designed to reinforce security when accessing the ProVconnect console.

By default, two-factor authentication is required for all ProVconnect users.

In addition to the password, each user has to enter a 6-digit PIN code to log in. This code is renewed every 30 seconds, and each user will have to generate it when logging in using an application designed for this purpose (e.g. Authy, Google Authenticator, Microsoft Authenticator, LastPass Authenticator, etc.).

Login process with 2-factor authentication

image-20240118-161417.png

 

Step 1: username and password

 

image-20240118-161459.png

Step 2: 6-digit pin code generated by your 2-factor authentication application

How to configure two-factor authentication

Two-factor authentication configuration will take place when a user logs in, if they haven't already set it up. After entering their username and password, users will see this configuration view:

The user then needs to follow these steps :

  1. Choose an application

    • Choose a TOTP pin code generation application for two-factor authentication. By default, we suggest four applications, but this list is not exhaustive. You can use whichever application you prefer, as there are plenty on the market.

  2. Add an account

    • Next, a new entry must be added to the chosen application. There are 2 ways of doing this:

      • you are using your two-factor authentication application on a camera-enabled device? Then simply scan the QR code in the ProVconect configuration view.

      • if you can't scan the QR code, most two-factor authentication applications offer you the option of manually entering a key to add an account. You'll find a "Copy secret key to clipboard" button below the QR code in the configuration view.

  3. Generate a PIN code

    • Once the account has been added to the two-factor authentication application, the application will generate a 6-digit pin code every 30 seconds.

  4. Validate the configuration

    • Simply enter this code in the field provided on the configuration view in ProVconnect and click on " sign in ".

  5. Done

    • That's it, two-factor authentication is configured for this user.

How to make two-factor authentication optional

First of all, we strongly advise against disabling two-factor authentication. This will reduce the security of access to your ProVconnect console.

By default, all users are forced to use two-factor authentication. However, if you wish to disable this requirement, you can do so in the ProVconnect console settings. To do this, you need to uncheck a box in "Settings > General settings > Authentication security settings".

This action can only be performed by a user with a "Super Administrator" profile.

If you uncheck this box :

  • all users of the console will be affected.

  • two-factor authentication will remain active for users who have already configured it, but they will now have the option of deactivating it

  • users who have not configured it will not be forced to do so when they log in. But they will still be able to configure two-factor authentication if they wish in their user account settings.

Â