Two-Factor Authentication (BETA)
Celoxis Admins can enforce two-factor authentication (2FA) for all users and clients, thereby adding an additional level of authentication & boosting security. With 2FA enabled, all users logging in to Celoxis will be requested for an extra 6-digit code, in addition to the user's email and password.
To use 2-step verification, Celoxis users will require an authentication app either on your mobile phone or tablet that can generate a time-based, one-time password.
We have tested the authentication with Google and Microsoft authenticators, and it works as expected. Although we haven't tested with other apps, any authenticator app should work in a similar manner.
Enabling 2FA for Your Company
To enable 2FA for your company, follow the below steps:
- From the Top-Right Menu, select the Profile Icon.
- Click on Admin.
- Under Account Management, select Company Information.
- Click on Password Policies.
- Check the box labeled Enable Two-Factor Authentication. (as shown in the screenshot below).
As soon as the checkbox is clicked, the following message will be displayed:
Enabling this will force all users including you to set up two-factor authentication via their mobile device before continuing to use Celoxis. We recommend you to inform all your users and schedule this before enabling this option.
How does it work for an existing user?
Once 2FA is enabled for your company:
- If the user is currently logged-in, then that user will get automatically redirected to the configuration page (as shown in the screenshot below).
- If a user tries to login for the first time after 2FA is enabled, then the user will be redirected to the configuration page (as shown in the screenshot below) as soon as the user enters the username and password.
- Scan the QR code or enter the Secret Key into your Authenticator app. Once completed, click on Confirm.
Note: The configuration will not be complete until you click Confirm.
Once completed, the user will be redirected to the login page. Enter your username and password and the 6-digit verification code generated by your authenticator app > Login.
Reconfigure 2-Step verification
If you want to use 2-step verification on a different device, you can reconfigure your settings. We suggest installing an authenticator app on your new phone before adjusting your 2-step verification settings.
- From the Top Menu, select the People Icon > Profile. The My Settings page will open.
- Scroll down to the Login Details section, check the box labeled “Reset Two-Factor Authentication Setup,” and then click Save.
The remaining steps remain the same as described in "How does it work for an existing user?"
In case of a Lost Mobile?
Contact one of your account admins so that they can enable Reset Two-Factor Authentication Setup for you. You can then login and reconfigure your 2-step verification settings.
Steps to be followed by an Admin user:
- From the LHS main menu > Hover on More > Users.
- Click on the user name > Edit.
- On the Edit users page > Scroll below to the Login details section and Check the check box Reset two-factor authentication setup.
- You can then inform the user to reconfigure 2-step verification.