Unlock Black Friday Savings: Flat 20% Off on IAM, CIAM, & PAM Licenses - Claim Now
 +1 978 658 9387    Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

Configure MFA Methods for EndUsers

Why you need Two-Factor Authentication?

Passwords are everywhere, users use them to access their money, do communication etc. At first, we used one password for everything but that wasn’t good enough so we started making our passwords more complicated with a combination of numbers, uppercase/lowercase letters & even special characters. But no matter how complex your password or the password management system is, it is never enough to prevent account takeover because all it takes is one simple phishing email or database breach and your password is out in the world. So, if passwords are impossible to protect, how do you protect your account?

That’s where two-factor authentication comes in. 2FA adds another method of identity verification in order to secure your accounts. First thing you know – Your username and password. Something unique that you have – Your phone or fingerprint. By combining your username and password with the second method your access becomes more secure and impossible for an attacker to pass it even if they have your password.

Configure 2FA for Endusers

To Configure two-factor authentication (2FA) for users you need to select one of the method from  "default Authentication methods" section. Authentication methods include OTP over SMS, OTP over email & OTP over both SMS and email. You can choose Authentication methods for your end-users in the following way:

Here you can see four main functionalities to configure 2-Factor Authentication for Users:

    1. Select Default 2FA Authentication Method for your EndUsers:

    • In this method, you can select default method for end users.
    • Let's say you want to set EMAIL as default method for your end-users.
    • Simply, click on radio button to choose EMAIL option.
    • Then click on Save.
      • Enable 2FA method for EndUsers select EMAIL

    • To verify, the Partner Portal has to select the Users tab from the left navigation bar.
    • And click on the Search Users.
      • Go to users and then select search users

    • Now you can check for the end-user and the corresponding second factor type.
    • Firstly, enter the User Email and then click on Search to get details.
      • Enter user email and click search

    • If the default 2FA method set by you is the same as the second factor type over here, then you have configured successfully.
      • verify the user and its 2FA method

    2. Select the 2FA methods allowed to be shown to end-users

    • The Partner Portal has a choice to show the end-users all or any combination of 2FA methods.
    • The below screenshot depict that all 2FA methods which are shown to the end-users.
      • 2fa methods shown to end users

    • Suppose Partner Portal choices some other combination then, he/she has to enable and disable the toggle accordingly.
    • Then click on save.
    • So in the end-user dashboard, he would be just able to see the above enabled methods to set 2FA for himself.

    3. Verify 2FA for end-users

    • Click on Customization >> Branding Configuration from the left side menu.
      • Go to Customization and select Branding Configuration

    • Here you will see Login Page URL for Organization's users.
      • In Custom Organization URLs copy user Login Page URL

    • Copy this Login Page URL in browser and enter miniorange credentials. Now you will be redirected towards end-user dashboard.
    • Now from the left panel click on configure 2FA in end-user dashboard.
    • Here you will see the methods you selected for the particular end-user.
      • configure 2FA for users accordingly

    • Now you can configure default method for end users accordingly.

    4. Select alternative 2FA method during login time

    • If this option is enabled, users will be allowed to select a 2FA method during the login process.
      • alternate login method to enable 2FA for users

    • Click Save.

    5. Enable 2FA for additional Admin Accounts

    • At the login time, click on toggle to enable 2-Factor (MFA) for additional admin accounts.
      • eanble 2fa for additonal admin accounts

    • Then click on Save.