2-Factor Authentication for Internal Users
This function allows you to further secure your ConnectBooster account login via one-time use, rotating authentication codes.
Customer logins are NOT affected with these setup steps. However, ALL "Internal Users" under Configurations + Internal Settings will be forced to enroll if you choose to opt-in to this feature.
Our 2-factor uses the standard time-based One-Time Password algorithm (TOTP). This means you may use the "Authenticator" style app of your choosing, if the protocol is supported.
Known mobile apps supporting OTP that have been tested:
- Duo Mobile
- Microsoft Authenticator
- Google Authenticator
To get started, login to your portal and navigate to 1) Configurations + Internal Settings. 2) Scroll to Two Factor Authentication header, select the check box and save your changes.
If you don't see this option, your account may not have high enough privileges to enable this system wide option. To learn more about internal profiles, check out our Internal User Profiles article.
Once enabled on your portal, the next login via your standard username/password will begin the enrollment process. This will be a requirement for ALL Internal Users going forward.
After initial successful login, you will be prompted to scan a QR Code. Scan with a supported authentication app of your choosing. Some applications may require a label, or "friendly name".
Ex., use the "Add Account" & Scan QR Code option in Authy:
Save and enter a friendly name to refer to your ConnectBooster portal.
Enter the first code displayed via your authenticator app, and select enter.
After initial setup, subsequent login attempts will simply require to enter your rotating code going forward.
Congratulations, that's it! Your account is now protected via 2-factor authentication.
NOTE: If you decide to later turn this off and re-enable in the future, all previously configured users will need to follow the QR Code enrollment steps again.
If you or another team member needs to go through the "enrollment" QR Code process again (ex., a new mobile device), another Master Admin can do a "RESET" option under the given Internal User account. This ONLY resets the account in question.
This does NOT force all other Internal Users to do the enrollment process again.
If your specific Internal User account is the only "Master Admin", and you are locked out, you will need to reach out to [email protected] for an account reset.