Sidebar
dual_factor
Two factor authentication
Two factor authentication is used to prevent unauthorised access to the system in the event that a third party obtains a valid user email and password.
The first time a user logs in to the system from a new computer, a 6-digit one-time security code is generated randomly and emailed to their registered address. This code must be entered in order to complete login.
By ticking a checkbox on the code entry screen, the user may “trust” the computer they are using. This will store a secure token on the computer (as a cookie) which will allow them to login in future without a security code.
The most recently generated security code for each user is shown on the User Management screen (level 2 only) to allow admin staff to assist where a user is unable to access their email, or where for any reason the security email does not arrive.
Users should not use the “trust this computer” option on publicly accessible computers.
dual_factor.txt · Last modified: 2017/02/20 16:50 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
