Applying two-factor authentication

Secure your account with a second layer of account data protection

Ensure your data has the maximum security by applying two-factor authentication (2FA) to your account. This feature helps keep your account secure by ensuring that only authorized people are able to log into your organization to handle chats or administer your account. 2FA is one of the highest levels of security over and above a simple username and password and is an additional layer of account protection designed to prevent malicious activity on your account.

How does two-factor authentication work?

2FA requires you to verify your identity using a second form of account verification. When 2FA is enabled, you log in with your username and password as normal, but you will also be required to enter a time-based one-time password (TOTP) code from a third-party authenticator app of your choice on your mobile phone. We recommend using this app for maximum protection, although SMS can be offered as an alternative authentication option.

How does 2FA work with Web1on1?

Only administrators or owners of an organization account can enable 2FA and this will enforce 2FA across all users of the account. Once applied, individual users will be required to have an authenticator app installed on their smartphone which can be configured with Web1on1 the first time they log in. Thereafter, each time they sign in with a username and password they will also be required to type in a one-time code from their app. 

Alternatively, if SMS is also enabled by the owner or admin, users can choose to have an SMS code sent to their phone instead.

How do I enable 2FA?

As an administrator or owner, go to the configuration section of the messaging platform.

To get there, go to Organization > Configuration from the left navigation panel.


Click on the on/off toggle to apply 2FA. You can also click the SMS option if you wish to also apply SMS.

Note: Users of your organisation will be able to authenticate with SMS only if they have added a mobile phone number to their user profile.

This is what it looks like in your organisation's Configuration section:

2FA Default status:

Toggle on 2FA

After toggling on:

Toggle on 2FA with SMS

What authentication apps can I use with 2FA?

Before being able to use 2FA for the first time, users will need to have first downloaded an authenticator app from the Google Play Store for Android devices or from the App Store for Apple users.

We suggest using MS Authenticator, Google Authenticator or Authy, although any 2FA app that supports time-based one-time passwords (TOTP) will work.

What happens when I log in to the platform for the first time after 2FA is enabled?

With your authentication app installed, you will need to go to the Web1on1 platform and follow the required steps for that app to register Web1on1 for 2FA. 

Once you’ve entered your username and password to access the messaging platform, you will see a QR code to be scanned by your authenticator app. This will automatically initiate the set-up procedure for your chosen authenticator and register Web1on1 on the app.  Once set up, you should see the six-digit one-time password appear beside the Web1on1 account in your app.

Type this into the boxes provided and click the Sign In button to access the platform directly.

What happens the next time I want to log into the platform?

The next time you enter your username and password to sign into Web1on1, you will be prompted to enter a verification code from your security app. Simply open up your authenticator app and type the six-digit code you see into the boxes provided on the Web1on1 login page. 

If you also have SMS activated, you will be able to see the Send code by SMS link. Click on this and a code will be sent to your mobile phone instead. If you haven’t yet added your phone number into your profile within the messaging platform, you will not be able to see the SMS option.

How often will I have to authenticate?

You will need to type in a six-digit pass-code each time you’re required to enter your username and password to log into Web1on1. You will not be required to do so if you close your browser down without logging out first, although you will be signed out automatically after 24 hours.

Using SMS to authenticate

If the owner or admin of your organisation has added SMS as an authentication method in addition to third-party authentication, you will need to have added your mobile phone number to your user profile in order to have it as an option the next time you log in.

If you haven't yet added your mobile phone to your profile, you will see a warning message in the Security section of your user profile.

 


First, add your phone number into your profile under the Details tab.

Once you've added your phone number, you'll be able to view the Send code by SMS option the next time you log in. If you wish, you can now disable this manually in the Security tab by toggling the SMS option from the default on position.