Its important that your account with Intelligentcontract.com remains secure. In line with other cloud based services we have introduced the option to secure your account with Two-Factor Authentication.
What is two-factor Authentication?
By default, your Intelligentcontract.com account is accessed using a username (normally your email address) and a password.
When a user switches on this feature for their account they will also be prompted for a 6-digit number. This number is generated on a smart device and changes every 30 seconds. If the user types the correct number access is granted.
Username/password and this second level of security based on a 6-digit number is what is known as Two Factor Authentication.
Switching on two-factor Authentication for a User
Each User has the option to switch on Two Factor Authentication for their individual login. To switch on this feature:
- Click on the profile icon and access My Settings
Fig 1 Profile Card
- The option for Two Factor Authentication will be displayed
Fig 2 User Settings
- Click on Enable Two factor Authentication to activate this feature
- Instructions on where to download the app for your smartphone device will be presented – the three major platforms of iphone, Android and Windows are supported. At this stage the user will need to download the App ready for use.
- A QR code (similar to the example shown below) will be presented on screen. While the downloaded App is open, the smartphone camera can be used to scan this code and set up the secure generator. The smartphone will now show the revolving 6 digit secure numbers
Fig 3 Scan example
- The account is now ready for Two Factor Authentication on next login
Switching on 2 Factor Authentication for an account
If you wish to switch on 2 Factor Authentication for your global account then there is a setting in the Configuration area to allow this.
Navigate to => Configuration => Manage Account Configuration
Set the option of 'Force Users to use two-factor authentication' to 'Yes'
Fig 4 - Global account setting for two-factor authentication
Once set when your Users login for they will be presented with this screen, they will not be able to access any of the account other than this screen.
Fig 5 - Manage two-factor authentication for User first time login
- Users should download the correct authenticator app to their phone
- Click on the orange [Enable two-factor-authentication] button on this page
- A QR code (similar to the example shown below) will be presented on screen. While the downloaded App is open, the smartphone camera can be used to scan this code and set up the secure generator. The smartphone will now show the revolving 6 digit secure numbers
- Enter the 6 digit number and press [Submit] you will then be logged into your account
Fig 6 - Scan QR code for access
When the User tries log into the account going forward, after they have entered their Username and password in the sign in screen, they will be prompted to enter the 6 digit number in this screen, once done it will log them into the account.
Request for the 6 digit code will happen every time they want to login.
Fig 7 - Prompt for two-factor code
What to do if a user loses access to their QR Code
If a user loses access to their QR code (for example. they begin to use a new Mobile Smart Phone) then they will need to re-enable the authentication process on their alternative device.
An admin user is able to disable 2 factor authentication for an individual user. This can be achieved by an admin user logging into a user's account disabling 2 factor authentication in their profile settings page.
On next login, the user is able to re-enable their 2 factor authentication and will be presented with a new QR code for setting up the token.