Two-Factor Authentication (2FA) is a form of multi-factor authentication intended to confirm a user's identity by utilizing a combination of identifying pieces of information to successfully login to the system.
Accessing 2FA Settings
To access the Two-Factor Authentication settings for the system, click the Launchpad and navigate to Setup > Settings > Advanced Options > Two Factor Authentication.
Configuring 2FA Settings
Two-Factor Authentication can be enabled or disabled for the entire system. Additional settings are also available which control options available for the end user to leverage during the 2FA user configuration and login process.
Authentication Required: enabling this setting requires that all users in the system utilize two-factor authentication during their login process.
Enable Trusted Devices: when this setting is enabled, a checkbox appears during the code verification process for the user to register the device they are logging in with as a trusted device.
This checkbox is not displayed when this setting is disabled. Under those conditions, the system will require that the user verify their identity using 2FA each time they log in.
Trusted Device Time Limit: this dropdown menu provides system administrators with options as to the amount of time the user's workstation is considered a trusted device. Options available include 7, 14, 30, and 90 days.
Allow Email Authentication: enabling this setting allows the user to receive authentication codes at the email address associated with the user's Clarity Human Services account. The option to utilize email authentication will appear in the user's set-up dialog.
With this setting disabled, the 2FA functionality will assume the user has an authentication app available for use when authenticating their account.
For information about the end user process of using 2FA, please review the Getting Started Two-Factor Authentication (2FA) article.