Two-factor authentication is included within all Clinked subscription packages, with each account given the opportunity to provide their portal with an additional level of security. It will increase the security of your account by triggering a two-step process prior to logging into your platform.
Within Clinked, two-factor authentication can be applied for:
- All Members - Account Administrators can force all members to use to access portal
- Individual Members - Members may self assign using this option independently
Setting up Two-factor Authentication For All Members
Account Administrators (super admins) have the ability to activate 2FA for all members of your portal.
Follow the below steps to activate this:
Step 1. When logged into your portal, go to the drop-down menu that is present in the top menu bar next to your name. Navigate to Account Settings.
Step 2. Now when in your portals account settings, go to the Security and Authentication subheading. Within this you will see an area for two-factor authentication.
Step 3. Check the tick-box and enable two-factor authentication, then be sure to click Update.
See below to help setting up either option as your preferred method to use each time you sign in (Note: you will be required to enter both your password and an authentication code every time you log into your account).
Using an Authenticator
To use an Authenticator as your method of 2FA When presented the Two-factor authentication options, Ensure you are on the Authenticator tab (this should be the default)
Step 1. As per the instructions on the tab, download your authenticator of choice. (I will be using Google Authenticator).
Step 2. When your authenticator app has downloaded, open the app and scan the barcode shown within the tab.
Step 3. Once this is scanned, a verification code will appear. Enter this into the code section (Be sure to do this quickly as the code is only available for a limited amount of time).
Step 4. Click verify code and you will be granted access to your account!
From then on out, when signing in it will trigger the 2FA and you can simply go onto your Google Authenticator App and use the code shown to activate your account, you will not need to scan the barcode each time.
The alternative method to confirm your identity is to use SMS. Instead of using an authenticator, you will be sent your authentication code via SMS message to your mobile phone.
Step 1. Select the appropriate country from the dropdown menu. (The code will not send if you have the wrong country selected)
Step 2. Enter the phone number that you wish to receive the code on each time you log in. Click Send.
Step 3. You will be sent an authentication code to your mobile, simply enter the code and click Verify code.
Then, every time you attempt to log in a new code will be sent to your mobile.
De-activating Two-factor Authentication for All Members
Disabling 2FA will no longer require the members of your portal to enter an authentication code and confirm their identity when logging into the portal. Again this can only be done by super-admin members of the account.
Step 1. Go into your Account settings.
Step 2. Within the Security and authentication subheading, you will see a 2FA box.
Step 3. There will be a tick-box that says Require everyone to use two-factor authentication for signing in.
Step 4. Untick this box and select Update. This will disable 2FA for all of the accounts within your portal.
Individual Member Activating Two-factor Authentication
Alternatively, you can enable two-factor authentication for just your individual account. This is a personal setting that can be done by any member regardless of your permissions. However, please note that when enabling it for just your account, it will only apply to your individual login and not to the portal as a whole.
Step 1. When logged into your portal, go to the drop-down that is in the menu bar next to your name.
Step 2. Within this dropdown, select Personal Settings.
Step 3. Then in the Password and Security sub-heading, there will be a box titled Two-factor authentication.
Step 4. Click Activate Two factor authentication.
Step 5. Then you will be asked to select your method of 2FA. Choose your preferred method and then enter your code. This code will either be generated by an authenticator or sent to your mobile, depending on the method you chose.
Step 6. Click Verify code.
Two-factor authentication will then be activated for your account, you will be provided back up-codes that will give you access to your account if you are away from your usual authentication device.
Deactivate two-factor authentication for your individual account
To no longer require two-factor authentication when logging into your account:
Step 1. Go back into your Personal settings.
Step 2. Within the Password and Security subheading go to the two-factor authentication box.
Step 3. Select the De-activate two-factor authentication button and it will be disabled for your account.
After successfully logging in with any method of 2FA, you will be given a list of personalised back-up codes. These can be used to get into your account if you are unable to access your authentication device. We would suggest either printing these off or copying and pasting them into a document that you then save onto your desktop.