Two Factor Authentication makes customer data more secure by requiring that users with a ‘client’ account type supply an additional form of verification in addition to their screenname and password when they log in to the InsightHub.
When enabled, two factor authentication can be set to be either optional or required for all client accounts. Please contact the FlexMR Help Desk team if you would like two factor authentication turning on.
If the two factor authentication is set to ‘optional’, users will need to turn on for themselves by visiting their profile and selecting any of the options to change screenname/change password/change picture.
If the two factor authentication is set to ‘required’, users will need to activate this when they next log-into the site (after it has been switched on). In this case, when they go to the log-in page and enter their details, they will be re-directed to a page to enable two factor authentication.
To log-in with the two factor authentication, users will need to download an authentication app such as Twilio Authy, Microsoft Authenticator, LastPass Authenticator or the Google Authentication app.
Click the button ‘Enable Two Factor Authentication’ and use your authentication app to scan the QR code which will appear on a pop-up screen. Save the account to your phone, and then open it up to generate an authentication code.
Enter the six-digit code in the confirmation box then click ‘Confirm and Activate’.
You will then be shown a list of Recovery Codes, to keep somewhere safe in case you lose access.
Next time you log into the InsightHub, after you have entered your screenname and password, you will see an overlay prompting you to enter an authentication code. Open up your authenticator app and go to the account you created for the site, and get a code and enter it.
You can choose not to be asked again for 90 days on the same browser (note: if you log in to the same site on a different device or browser, you will be prompted to log in).
If you lose access to your authentication app, for example if you lose your phone, you can use a recovery code to log in and then reset your Two Factor Authentication. Click on ‘use a recovery code instead’.
Enter one of the Recovery Codes you recorded. Note: you only have 10 codes and each code can only be used once.
You can generate new recovery codes from the Two Factor Authentication section on the Edit Your Details page. You can also disable two factor authentication on your own account from there.