Introduction
Civica two factor authentication provides an additional layer of protection for administrator accounts. With two factor authentication enabled, when you log into the Civica Administration Portal, after providing a username and password, you will be asked for a verification code. The code is delivered to your mobile device either via SMS or by using a two-factor authentication application such as Google authenticator. This additional step ensures that a malicious person who has discovered your password will not be able to log into your Civica Administration Portal as you.
INFO: Two factor authentication is enabled on a per lms basis. If you would like to use two factor authentication on your lms, please contact Civica Support.
Using two factor authentication
How do I setup two factor authentication for my account?
With two factor authentication enabled, the next time you login to the Administration Portal you must supply your username and password as normal. Having supplied valid credentials you'll be prompted to setup two factor authentication. The choices you have at this point depend on how your global administrator has configured two factor authentication for your site. You may see the Google Authenticator option, the SMS option or both.
- Choose Setup using an app if you want to generate verification codes by using the Google authenticator App which you must install on your iOS or Android phone or tablet device.
- Choose Setup using SMS if you want to receive verification codes to your phone via text messages.
Using the authenticator App option
On selecting the Setup using an app option, a QR code is presented, similar to that shown below:
- Use the Google authenticator App to scan this code to configure the App to generate verification codes for your Civica Learning Administration Portal.
- Click Enter verification code.
Your authenticator App will now generate a (time limited) verification code. Enter the code into the Verification code field when prompted.
Save your recovery codes
Setup is now complete but it’s important that you copy and paste your account’s recovery codes and store them in a safe and secure location. You will need these recovery codes if you lose your device and are unable to generate verification codes.
For more information about installing and setting up the Google authenticator App, see this article.
Installing the Google Authenticator App
Google authenticator is a free App available in the Google Play Store for Android devices and in the iTunes App store for iOS devices.
Download the Google Authenticator App for Android devices here.
Download the Google Authenticator App for iOS devices here.
Using the SMS option
On selecting the Setup using SMS option, you are presented with the following dialog box:
- Select the country in which your mobile phone is registered.
- Enter your mobile phone number (without any spaces).
- Click Send verification code.
A two factor verification code will now be sent to your phone. Enter the verification code when prompted.
Note: The verification code is only valid for 60 seconds.
If you don’t receive the code, check the phone number presented on the screen and if it’s incorrect, click Back and update the number.
Save your recovery codes
Setup is now complete but it’s important that you copy and paste your account’s recovery code and store them in a safe and secure location. You will need these recovery codes if you lose your mobile device and are unable to receive a verification code via SMS.
What if I lose my mobile device?
If you don’t have access to your mobile device when you need to login, you’ll need to enter a valid recovery code. These are presented to you when you first setup two factor authentication for your account.
Note: You can only use each recovery code once.
If you don’t have your device and you don’t have your recovery codes, then your only option is to contact one of your site’s global administrators who will need to reset the two factor authentication configuration for your account. Once they’ve done this, you’ll need to login and go through the two-factor setup process again.
Global administrator support
How do I enable two factor authentication?
Two factor authentication must be enabled on your lms before you can configure it. This process must be completed by the support team; please raise a ticket with the support team if you would like this feature enabled. After this process is completed you can follow the instructions below to configure two factor authentication based on your requirements.
As a Global administrator, go to the Settings | Security page in the Administration Portal and select Mandatory as the two factor authentication configuration under Administrator portal.
In order to enable this for the Learner portal, do the same under the learner portal option. You can also choose what authentication method options you want to give to learners. You can select all three but must choose at least one.
This setting forces all administrator accounts to configure two factor authentication the next time they login to the administration portal, and they must provide a verification code on subsequent logins.
- Select SMS messages if you want to allow admin users to receive verification codes via SMS text messages.
- Select Google Authenticator app if you want to allow admin users to generate verification codes by using the Google authenticator App.
Note: The Mandatory setting forces all administrator accounts, regardless of the specific administration role they hold, to require two factor authentication when logging into the Administration Portal. This is not limited to global administrators.
How do I reset the two factor authentication settings for a user account?
If an administrator is unable to login to the administration site because they’ve lost their device and their recovery codes, you must reset their account’s two factor settings.
To reset a user account’s two factor authentication settings
- Log in to your Administration portal as a Global administrator.
- On the NAVIGATION pane, click Users.
- On the Results page, click the user you wish to investigate.
- In the ACTIONS section, click Reset 2FA.
This user’s two factor authentication settings are now reset. The next time they login, they must go through the two factor authentication setup process once again. Encourage them to record and safely store away their recovery codes, which are presented at the end of the setup process, in case they have a similar problem in the future.
Comments
0 comments
Please sign in to leave a comment.