Two-factor authentication

The Two-factor authentication functionality provides higher security when logging in by requiring the user to authenticate using two-step verification/login. Every time the user logs in, an additional code will be generated and sent to the user, which he/she should enter.

This functionality can be enabled at  Settings -> System settings -> Enterprise functions -> Two-factor authentication (2FA).

If this function is enabled:

• It is possible to force users to perform 2-step verification when signing in (configured per user).
• Users must use their smartphones (iOS,  Android, or BlackBerry only) to generate and enter a special code to sign in.

Please do not try to switch that On without understanding how it works.

Enabling two-factor authentication (2FA) for logging in

1. Enable it at Settings -> System settings -> Enterprise functions -> Two-factor authentication (2FA).
2. Install the Google Authenticator app on the user's phone who will use 2FA:
   • iOS: https://itunes.apple.com/us/app/google-authenticator/id388497605
   • Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
   • BlackBerry:  https://appworld.blackberry.com/webstore/content/29401059
3. Go to Settings -> Human Resources and open the user's details page.
4. Enable Two-factor authentication (2FA) for the user and Save changes.
5. Click the link to Show the 2FA key.
6. Open the Google Authenticator app.
7. Click Begin Setup or +.
8. Click Scan barcode and scan a QR-code that is displayed,
   or click Manual entry.
9. Enter the key to field Key.
10. The account can be your MRPeasy username.
11. Time-based must be turned on.

If the 2FA box is checked for a particular user, the software will ask them to enter the authentication code whenever they log in. The user should:

1. Open the Google Authenticator app.
2. Enter the code that is generated by the app.