In order to increase the security and better control the access to your data, you can now enable a two factor authentication for your operators
Solution
Registration
When the customer logs in for the first time, he will be invited to install Google app on his mobile after having entered his (correct) password.
The operator just has to scan the appropriate QR code above with his mobile phone and the app will be displayed in the corresponding app store. If he has already installed the app, he can skip this step.
In the second step (triggered by clicking on the NEXT button), he has to register a secret key on Google Authenticator. To do so, the operator launches the app on his mobile and scans the QR code displayed on the screen below:
Login
After the registration process above (or after having entered the correct password if the registration process has already been performed previously), the operator is invited to enter the six digits code:
displayed by Google Authenticator:
Phone lost/replaced
If an operator has to replace his phone, he needs to ask an administrator to click on the CHANGE PHONE button displayed below.
The operator simply needs to perform the registration process described above with his new phone. In case of loss or theft, the (illegitimate) holder of the old mobile phone won't be able to login because the six digits code displayed by Google Authenticator on the old mobile phone are still based on the old secret key that isn't used anymore by SecuTix.
Getting started
The use of the two factor authentication process will have some impact on your operators. They will have to get an app on their mobile phone and have their mobile phone ready when logging in to SecuTix. As a result, in order to give you some time to inform your operators, this feature isn't enabled by default. Once you're ready, please send a request to our service team to enable the feature for your institution.
You may decide to enable the two factor authentication for a subset of the operators only, for example for the administrators having extended access rights. To do this, you will have to:
- Send a request to our service team to enable the feature
- Define for each operator if (s)he has to use the two factor authentication
The two factor authentication will be enabled by default for all new operators created after the two factor authentication has been enabled by our service team for your institution. You can disable or enable the two factor authentication for a given operator at any time.
Improve security and data protection
SecuTix advises you to enable the two factor authentication to increase security. Of course, your operators need to be informed about the registration and login process.
