Today we added support for Two-Factor Authentication (2FA) in TeamDesk and dbFLEX Enterprise editions.
To enable 2FA for a user, someone with the domain administrator privilege should check the Enable Two-Factor Authentication box on the user’s properties page, reached from the Manage Users list. There is also an option to mass-enable or disable 2FA for a set of selected users directly from the list.
Once 2FA is enabled, after completing the login form, we’ll prompt the user to enter a 6-digit authorization code.
This code is delivered to the user by email and is valid for approximately 3 minutes.
In addition, the TeamDesk Mobile Client app now provides a code-less one-click option to confirm the login using biometric authentication or the device’s PIN code.
Moreover, the user can set up her favorite authenticator app to get the code. Instructions are found at the bottom of the user’s personal preferences page.
Using TeamDesk Mobile Client app to confirm login
TeamDesk Mobile Client app v1.5.6 supports code-less one-click login confirmation. The user just clicks on the login confirmation notification and confirms the login using the device’s biometric authentication or PIN code.
Using third-party authenticators for two-factor authentication
As codes are generated using the industry-standard TOTP algorithm, you can use any compliant authenticator.
Instructions for pairing with an authenticator app appear at the bottom of the user’s personal preferences page.
- There is a plethora of authenticator apps, to name a few: Microsoft Authenticator, Google Authenticator, 1Password or Authy. Pairing the app with an account is as simple as scanning the QR code displayed in the user’s preferences under the Two-Factor Authentication section.
- On Apple macOS and iOS, TOTP support is baked into Passwords with cross-device syncing. Scan the QR code with the device’s camera and follow the instructions in Passwords.
- Manual authenticator setup is always an option. Besides the unique secret value, the other setup parameters are typical defaults:
  - Secret: copy from user’s preferences page
  - Type: TOTP (time-based)
  - Algorithm: SHA-1
  - Digits: 6
  - Period: 30 seconds
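How an authenticator turns the manual-setup parameters above (SHA-1, 6 digits, 30-second period) into a code, and how a server can check it, as an added example that is not TeamDesk's own code. The drift window, the replay check and the sample secret (the RFC 6238 test key) are assumptions of this example.

```python
import base64
import hashlib
import hmac
import struct

DIGITS, PERIOD = 6, 30  # manual-setup defaults from the page; algorithm is SHA-1


def decode_secret(secret_b32: str) -> bytes:
    """Decode a Base32 secret as a user types it (spaces, lowercase, no padding)."""
    s = secret_b32.replace(" ", "").replace("-", "").upper()
    s += "=" * (-len(s) % 8)  # restore padding that setup pages usually omit
    return base64.b32decode(s)


def hotp(key: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA-1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, at: float, period: int = PERIOD) -> str:
    """RFC 6238: HOTP with counter = floor(unix_time / period)."""
    return hotp(key, int(at) // period)


def verify(key: bytes, code: str, at: float, window: int = 1, last_counter: int = -1):
    """Return the matched time step, or None if the code is rejected.

    window: time steps of clock drift tolerated on each side (assumed value).
    last_counter: last step already accepted, so a used code cannot be replayed.
    """
    now = int(at) // PERIOD
    for step in range(now - window, now + window + 1):
        expected = hotp(key, step).encode()
        if step > last_counter and hmac.compare_digest(expected, code.encode()):
            return step
    return None


# Constructed sample: the RFC 6238 test key, Base32-encoded as a setup page would show it.
SAMPLE_SECRET = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"
```

Store the step returned by `verify` per user and pass it back as `last_counter` on the next login, so a code observed in transit is rejected on reuse.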
And, as a little bonus…
we added an Enforce password history option to Password Policies. It tracks each user’s password change history to prevent reusing the same password over and over again.
Have a nice day!