Using Two Factor Authentication
Two-factor authentication (2FA) is an essential security measure that adds an additional layer of protection to the standard username and password login procedure. For You'reOnTime users, the use of 2FA can significantly enhance the security of their accounts and personal information. When 2FA is enabled, it requires users to provide two different authentication factors to verify their identity, which usually involves something they know (password) and something they have (a unique code sent to their phone).
This double-checking prevents unauthorised access even if someone has managed to get hold of the user's password. As a result, it helps safeguard sensitive data and personal information, preventing data breaches and enhancing overall system security. Thus, implementing 2FA can greatly contribute to the peace of mind of You'reOnTime users, knowing their data is secure and access is tightly controlled.
This guide will take you through how to set-up and enable 2FA in You'reOnTime.
To enable two-factor authentication, navigate to Settings > Manage Staff
From here, you can select any staff member with a username for whom you'd like to Enable Two Factor Authentication [2FA]. For demonstration purposes we will choose Holly
From here, scroll down to Security and select Enable Two Factor Authentication
This will then bring up a popup window that looks like this. Scan the QR Code with your Two Factor Authenticator App or manually enter the code into the app.
For demonstration purposes we have used Authy as the mobile application of choice for two-factor authentication. You may also choose to use the Google Authenticator app.
Once the QR code has been scanned, click close
Then enter the code that is generated on your phone into the box that appears
Once the code has been entered, click Ok.
You will know that 2FA has been enabled, as a new button will replace Enable Two Factor Authentication with Disable Two Factor Authentication.
Once 2FA has been enabled, every login attempt with that specific staff member will prompt you for a 2FA code from your app, as shown below:
You will only be allowed access to your account, once this code has been entered. This acts as an additional layer of security to protect the data of you, and your clients.