This article outlines the configuration and use of Two-Factor Authentication (2FA) Security for System Administrators.
Two-Factor Authentication (2FA) is a form of multi-factor authentication intended to confirm a user's identity by utilizing a combination of identifying pieces of information to successfully login to the system.
Accessing 2FA Settings
To access the Two-Factor Authentication settings for the system, click the Launchpad icon and choose Setup. Click the Settings tab on the top of the screen, then click the Two Factor Authentication settings tab which can be found listed in the right sidebar under Advanced Options.
Configuring 2FA Settings
Once the admin has accessed the settings, Two-Factor Authentication can be enabled or disabled for the entire site. Additional settings are also available which control options available for the end user to leverage during the 2FA user configuration and login process.
Enabling this setting requires that all users in the system utilize two-factor authentication during their login process.
Enable Trusted Devices
With this setting is enabled, a checkbox appears during the code verification process for the user to register the workstation they are logging in with as a trusted device.
This checkbox is not displayed when this setting is disabled. Under those conditions, it will require that the user verify their identity using 2FA each time they login.
Trusted Device Time Limit
This dropdown menu provides the admin with options as to the amount of time the user's workstation is considered a trusted device. Options available include 7, 14, 30, and 90 days.
Allow Email Authentication
Enabling this setting allows the user to receive authentication codes at the email address associated with the user's Clarity account. The option to utilize email authentication will appear in the user's set-up dialog.
With this setting disabled, the 2FA functionality will assume the user has an authentication app available for use when authenticating their account.
For more information on 2FA, please review the Working with Two-Factor Authentication (2FA) article.