Two-factor authentication (2FA) is a powerful tool that helps secure your business’s sensitive information against digital attacks.
2FA is a security measure that requires users to provide two different forms of identification before gaining access to an account. Typically this includes a password plus an additional security measure, such as using a mobile device or authentication app to generate or receive a time-sensitive code. By requiring two forms of identification, 2FA makes it significantly more difficult for unauthorized users to gain access to sensitive business information.
Apptoto allows you to enable 2FA at the account level. You can use 2FA whether you have an individual Apptoto account or a Group account with multiple sub-accounts. You can also control which users belonging to your Apptoto account must enable 2FA.
Enabling 2FA at the Account Level
To set up 2FA at the account level in Apptoto, you must have Full user permissions or be a Group Admin.
- Navigate to the Settings tab in the left-hand navigation.
- Click the “Account & Billings” tab. (Note: You can also click the “Configure 2FA” button in the menu that appears in the upper right-hand corner when you click your username.)
- Under the “Two-Factor Authentication” section, click the “Configure 2FA” button.
- A screen will appear with two options to enable 2FA: Authenticator App or Text Message.
- To use an Authenticator App such as “Authy” or “Microsoft Authenticator,” ensure you are on the “Authenticator App” tab shown below.
  - Download an Authenticator App to your mobile device.
  - In the Authenticator App, click “Add Account” or “+” and scan the QR code shown in Apptoto.
  - Enter the verification code provided by the Authenticator App into Apptoto.
  - Click “Verify Token” in Apptoto.
- To verify using a text message, ensure you are on the “Text Message” tab shown below.
  - Enter your phone number.
  - Click “Get Token.”
  - Enter the token and save.
Once two-factor authentication has been enabled at the account level, it’s possible to adjust 2FA settings further at the user level. You can also require some or all users of the Apptoto account to enable 2FA.
Requiring 2FA for All Users
Once 2FA is enabled at the account level:
- Navigate to the Settings > Users page.
- Underneath the list of all users in the account, toggle “Require two-factor authentication on all accounts” to “on.” Note: In the image below, 2FA is “off” or not required for all users.
- The next time any users associated with the primary account (or subaccounts) log in, they will be required to set up 2FA.
Requiring 2FA for Individual Users
If you want to require 2FA for some users (but not all), you can set individual user-specific 2FA settings instead of toggling it on for all users. To do so:
- Navigate to Settings > Users.
- Select the “Edit” user button to the right of the user’s login.
- On the “Edit” screen, click the checkbox next to “Require two factor authentication.”
- Click “Save.”
- Apptoto will prompt the individual user to set up 2FA the next time they log in.
Re-Configuring or Disabling 2FA
If you want to re-configure or disable two-factor authentication, you can do so from the “Accounts & Billing” page.
- Navigate to the “Settings” > “Account & Billings” tab.
- To reconfigure:
  - Under the “Two-Factor Authentication” section, click the “Re-Configure 2FA” button.
  - Generate a new token in your Authenticator App.
  - Enter the new token in Apptoto. Click “Save.”
- To turn off 2FA:
  - Click the “Turn Off 2FA” button.
  - A prompt will appear asking you if you are sure you want to remove 2FA. Click “Yes.”