When is this helpful?
This is helpful when you want an additional layer of security for the authentication process when signing in to the GoAudits application.
The Two Factor Authentication (2FA) feature is available for Enterprise Members only.
Two Factor Authentication (2FA), also referred to as “two-step verification”, is a security process in which users provide two different authentication factors to verify themselves.
Two Factor Authentication has been implemented to protect the users' credentials. 2FA provides an additional layer of security on top of the existing authentication process (i.e., providing username and password).
In 2FA, users need to provide a username and password along with a one-time passcode (OTP). This helps users protect their accounts from unauthorized people. 2FA protects against phishing, social engineering, and password brute force attacks and secures your logins from attackers exploiting weak or stolen credentials.
Log in to the admin portal: https://admin.goaudits.com/ on a Desktop.
Enable or Disable the 2FA feature
Step 1: In the admin portal, under Setup, click on Users.
Step 2: Click on 'Edit User' to enable or disable the 2FA feature for specific user(s).
Step 3: Click on Advanced Settings.
Step 4: Click the Two factor authentication button to enable or disable the feature.
Step 5: Log out of the application. If you attempt to log in again, you will not be allowed to do so until you register for Two Factor Authentication.
The process to get the one-time passcode
Step 6: Log in to the admin portal: https://admin.goaudits.com/ on a Desktop. Log in with valid credentials to register for 2FA.
Once the credentials are validated, if the user has 2FA enabled and is logging in for the first time, the user is redirected to the email OTP screen, and an OTP is sent to the registered email address.
Step 7: Enter the OTP that has been sent to your registered email and validate it.
Step 8: Once the code entered is validated, you will be redirected to the QR code screen where you will see a QR code, as displayed below.
Download 2FA Authenticator App
Step 9: Install Google Authenticator or Microsoft Authenticator on your mobile device to scan the QR code that is displayed.
Step 10: Scan the QR code on your mobile device with the authentication app that you downloaded. Once it has been scanned, click on Continue.
Two Factor Authentication Enabled
Once 2FA has been enabled, you will be prompted to enter a newly generated OTP code the next time you log in to the admin portal. After you enter your log-in credentials as shown below in screen 1, an OTP prompt will automatically appear as displayed in screen 2 below.
As displayed below, a message will appear informing you if an OTP has been successfully sent to your e-mail.
Enter the code sent to you by 2FA into the screen, as displayed below. The One Time Passcode that is displayed on the mobile device is valid for only 30 seconds, and it changes once that time lapses.
If the code entered is valid you will be successfully logged in to the admin portal.
Validate the One-Time Passcode
Once the user has registered for OTP, the user needs to enter the passcode that is displayed on the mobile device whenever the user logs in to the application.
Lost QR Code
When a user loses the scanned QR code used to get the OTP on the mobile device, the user has an option to get the QR code again.
Once a user logs in with valid credentials, there is an option to get the QR code again. Click on the link “No QR Code? Click Here!” on the OTP confirmation screen and follow all the steps listed under “The process to get the one-time passcode”.