2-Factor Authentication

2-Factor Authentication for Internal Users

This function allows you to further secure your ConnectBooster account login via one-time use, rotating authentication codes. 

Customer logins are NOT affected with these setup steps. However, ALL "Internal Users" under Settings + Configurations + Internal Settings will be forced to enroll if you choose to opt-in to this feature.


Setup Instructions

Our 2-factor uses the standard time-based One-Time Password algorithm (TOTP). This means you may use the "Authenticator" style app of your choosing, if the protocol is supported.

Known mobile apps supporting OTP that have been tested:

  1. Duo Mobile
  2. Microsoft Authenticator
  3. Google Authenticator
  4. Authy

To get started, login to your portal and navigate to Settings + Configurations + Internal Settings. Expand the Two Factor Authentication header, select the check box and save your changes.

If you don't see this option, your account may not have high enough privileges to enable this system wide option.

Please check that the "Profile", selected for your account is the same as a Profile with the "Master Admin" option enabled.

Ex.,


Once enabled on your portal, the next login via your standard username/password will begin the enrollment process. This will be a requirement for all other Internal Users going forward.

After initial successful login, you will be prompted to scan a QR Code. Scan with a supported authentication app of your choosing. Some applications may require a label, or "friendly name".

Ex., use the "Add Account" & Scan QR Code option in Authy:

Save and enter a friendly name to refer to your ConnectBooster portal.

Enter the first code displayed via your authenticator app, and select enter.



After initial setup, subsequent login attempts will simply require to enter your rotating code going forward.

Congratulations, that's it! Your account is now protected via 2-factor authentication.

If you decide to later turn this off and re-enable in the future, all previously configured users will need to follow the QR Code enrollment steps again.


Troubleshooting

If you or another team member needs to go through the "enrollment" QR Code process again (ex., a new mobile device),  another Master Admin can do a "RESET" option under the given Internal User account. This ONLY resets the account in question. 

This does NOT force all other Internal Users to do the enrollment process again.

If your specific Internal User account is the only "Master Admin", and you are locked out, you will need to reach out to [email protected] for an account reset.