You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Overview
 

At present, two-factor authentication is not applied globally to all Users but is optionally set up for Users. 


As an extra layer of security, two-factor authentication has been implemented for CMS. It is designed to ensure that the User logging into the CMS is the person who owns that account. When set up, a User is required to enter their password and verify the login through an additional application such as Google Authenticator or Duo.   

What two-factor authentication means for CMS login procedures

User logins

When two-factor authentication is set up for a User:

  1. At the CMS login screen, User enters Username and Password. 
  2. Depending on the authentication method in place, the User accesses their device to retrieve a pin that must be entered or approves the login through an app. 

Failed logins

  • After five failed attempts, the User will be locked out for an hour.  

Password changes

  • A password change must be authorised by ... entering the current pin in their setup authenticator application

Authenticator reset

  • User reset: An logged in authenticated User can reset their two-factor authentication. Once reset is complete, the new setup will automatically replace the old on.
  • Loss of authenticator application: the User must contact Commerce Vision and ask for an account reset. Their CMS User account will be reset to allow the User to set up two-factor authentication again on login (if forced) or set it up once they login with their username/password (manual setup post-login when 2fa is not forced)


Set User-level two-factor authentication




  1. The Organisation ID field is pre-filled with your organisation name. Note - the system may default to your organisation and not display this field.   

  2. Click Add New Site and select the website from the Site Name dropdown list and click Add New Site. If the user will require access to multiple sites (e.g. Live and Stage), repeat this step. 
  3. To save the user to this site, click Add New Site again. 

  4. To add roles to the user, click the Manage Roles button. Roles define user access to CMS functions.

  5. Tick Administrator (and any other applicable roles) and click Save
     

Related help

  • No labels

© Copyright 2001-2023 Commerce Vision Pty Ltd. Use of this site signifies your acceptance of Commerce Vision’s Terms & Conditions. CV Connect, the Commerce Vision logos, and other Commerce Vision marks are assets of Commerce Vision Pty Ltd.