About Two-factor Authentication
This article provides information about Two-factor Authentication and who can enable and disable it in the system.
Two-factor authentication (2FA) is an extra layer of protection used to ensure the security of online accounts beyond just a username and password. You can choose to enable or disable Two-factor authentication. You don’t have to enable Two-factor authentication, although we highly recommend you do so.
The benefit of enabling Two-factor Authentication is that it provides a double-layer of security when using the system. The system does this by asking the user to enter a password, and then sending a one-time access code through the user’s phone, email address, or via an Authenticator Application. The one-time access code is used to complete the login process to the account. Taking two steps to login (entering a username and password; and then entering a one-time access code), ensures the identity of the user.
Two-factor authentication can be enabled or disabled by Staff (All Hub administrators) or the Donor and adds an additional layer of protection to information while the user is utilizing the system. After enabling Two-factor Authentication, at the next login, the user is provided an opportunity to check a box to “trust this device“, and will not be asked to provide additional information for security at login for 90 days. The system use on that device remains secure during the 90 days.
An example for why Staff might want to consider using Two-factor authentication may be to protect the information kept in the directory. Without it a hacker could more easily compromise the personal information of the members in the Directory. A Donor may want to use Two-factor Authentication to protect the banking information used when making a donation or their tax information describing how much was donated.
Note* A user who does not have access to their device and cannot log in through their authenticator app, resulting in an inability to securely login, can call support at 1-800-348-2886 to disable it. Support will verify the caller’s identity prior to disabling.
Check this out for more information on how Staff enables Two-factor Authentication, how a Donor enables Two-factor Authentication, or how Staff disables Two-factor Authentication or how a Donor disables Two-factor Authentication.