Overview
 

As an extra layer of security, two-factor authentication is now available for CMS User logins. When it is active, a User must enter their password and then verify the login with a PIN generated by an authenticator app (such as Authy, Microsoft Authenticator or Google Authenticator) on another device, such as their smartphone. This two-step procedure is designed to ensure that the person logging into the CMS is the owner of that account.

  • Two-factor authentication is currently optional: CMS Administrators can force it (turn it on) for individual CMS Users, or a User can add it themselves.
  • A User must have an authenticating device, e.g., a smartphone and an Authenticator app installed on it.

Two-factor authentication and CMS login procedures

User logins

Initial setup when forced

When the Administrator has set two-factor authentication as mandatory for a User, the User is asked to set it up when they next attempt to log in.

  1. At the CMS login screen, enter your Username and Password. 

  2. Instead of being logged in, the Authentication popup displays. 
  3. Open the Authenticator app on your authentication device.

  4. Either scan the QR Code or manually enter the Manual Entry Key. NOTE - if the 'Manual Entry Key' option is used, ensure 'Time-Based' is selected when options are given.

  5. The Authenticator app generates a PIN that expires in a set amount of time. Enter this PIN in the Authentication popup.

  6. Click Verify and Login. If the PIN is valid and has not expired, login will be successful. The Authenticator app saves the authentication account for future CMS logins.

Initial setup when User-added

A User can optionally add two-factor authentication to their CMS login. To set up the process, they must be logged in to CMS.

  1. In CMS, hover over the Person icon in the top right corner of the screen.

  2. Select Manage Account.

  3. Click the Two-Factor Authentication Setup button.  
  4. Using the authentication device, open the authenticator app and either scan the QR Code or manually enter the generated Manual Entry Key. NOTE - if the 'Manual Entry Key' option is used, ensure 'Time-Based' is selected if options are given.


  5. The Authenticator app generates a PIN. Enter this PIN in Verify Setup by Entering Authenticator App PIN.

  6. Click Verify and Save. Authentication is complete.

Subsequent logins

Once a User has set up two-factor authentication at the initial login, the Authenticator app saves the authentication account for CMS login. At the next login, the User opens the CMS login account in the Authenticator app to retrieve the current PIN. This PIN is required after the User enters their Username and Password.

 

Failed logins

  • After five failed attempts, the User will be locked out for an hour.  
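
The time-based PIN check and the lockout rule described above, sketched as an added example that is not Commerce Vision's code. It assumes the common RFC 6238 settings (HMAC-SHA-1, 30-second step, 6 digits); the `PinVerifier` class, the one-step clock-drift window and the replay check are illustrative assumptions, and `SAMPLE_KEY` is the RFC test secret rather than a real Manual Entry Key.

```python
import base64, hashlib, hmac, struct

STEP, DIGITS = 30, 6            # assumed RFC 6238 defaults; the page does not state them
MAX_FAILS, LOCKOUT = 5, 3600    # from the page: five failed attempts, one-hour lockout
SAMPLE_KEY = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test secret, not a real key


def totp(manual_entry_key: str, now: float) -> str:
    """PIN an authenticator app set to 'Time-Based' shows at Unix time `now`."""
    k = manual_entry_key.replace(" ", "").upper()
    key = base64.b32decode(k + "=" * (-len(k) % 8))
    counter = struct.pack(">Q", int(now) // STEP)      # PIN changes every STEP seconds
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                            # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


class PinVerifier:
    """Hypothetical server-side check for one account: expiry, replay, lockout."""

    def __init__(self, manual_entry_key: str):
        self.key = manual_entry_key
        self.fails = 0
        self.locked_until = 0.0
        self.last_step = -1     # last accepted time step; a used PIN is not accepted twice

    def verify(self, pin: str, now: float) -> str:
        if now < self.locked_until:
            return "locked"
        step = int(now) // STEP
        for s in (step, step - 1):      # previous step tolerates small clock drift
            expected = totp(self.key, s * STEP) if s > self.last_step else None
            if expected and hmac.compare_digest(pin.encode(), expected.encode()):
                self.last_step, self.fails = s, 0
                return "ok"
        self.fails += 1
        if self.fails >= MAX_FAILS:
            self.fails, self.locked_until = 0, now + LOCKOUT
            return "locked"
        return "invalid"
```

A PIN entered after its time window has passed returns "invalid" and counts toward the five-attempt limit, which is why a slow entry or a device with a wrong clock can contribute to a lockout.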

Password changes

  • A Password change by the User must be authorised by entering the current generated PIN.

To change their password:

  1. While logged into CMS, the User selects Manage Account (top right corner of the screen).
  2. In the 'Change Password' screen, they enter the required Current/New Password details as well as the current generated PIN from their Authenticator app.
     

Authenticator resets

Reset by User

A logged-in, authenticated User can reset their authentication. For example, a User may wish to change to another Authenticator app. Once the new setup is completed, it automatically replaces the old one. To reset authentication, follow the steps for a User-added setup.

Loss of authenticator application or access

If the authenticator application is no longer available, e.g., the device is lost, the User must contact Commerce Vision and ask for an account reset. Their CMS User account will be reset so that the User can set up two-factor authentication again. This happens either when they next attempt to log in (if two-factor authentication has been set as mandatory by the CMS Administrator) or when the User accesses the Two-Factor Authentication feature once they are logged in with their Username and Password. (See Reset by User.)


Force two-factor authentication 

CMS Administrators can force two-factor authentication on Users. This must be set for each CMS User individually. 

