For increased security, the ADvance back-end can be set to use a two-factor verification in addition to company, username and password. This will require secondary authentication from users each time they log in to the system.
Note this feature is available per client rather than brand or individual user.
Setting up authenticated users
Users will need to install an authenticator app on their phone or tablet, and have their device present when they need to log in. Here are some recommendations for authenticator apps based on device and operating system.
The Google Authenticator app can be found:
- iOS – https://itunes.apple.com/gb/app/google-authenticator/id388497605?mt=8
- Android - https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
The Duo Mobile app can be found:
- iOS - https://itunes.apple.com/ro/app/duo-mobile/id422663827
- Android - https://play.google.com/store/apps/details?id=com.duosecurity.duomobile
New, more secure Sign In flow
When users first log in with their correct company, username and password, they will see a screen asking them to link their device, either by scanning the QR code shown or inputting the secret key manually.
After successfully authenticating, the user will be logged in to the ADvance dashboard page as before.
The extra verification step will be required every time the user logs in.
However, as ADvance remembers users, this should only be necessary if the user chooses to log out or if the user’s permissions have been changed by an administrator.
Reset verification code
The authentication code is linked to the device, so if a user loses or replaces their phone then an ADvance administrator needs to reset the two-factor authentication for their user account. This is done by viewing the user details in Admin > Users, clicking Reset Two-Factor Authentication, then Finish.