Two-factor authentification

Double authentication or two-step verification considerably strengthens your cybersecurity by protecting you against phishing, social engineering and brute force intrusions. Thanks to it, you can also block the way to hackers who manage to get their hands on your identifiers.

General rules

• Two-factor authentification only concerns the web application (back-office)
• The configuration on the accounts is only possible if the authorization has been activated beforehand by an Administrator
• Users and Group Managers do not need special rights to set up this feature
• All Users, Group Leaders and Administrators set this feature on their own account and only if they wish

How does it work?

First, the admin must allow two-factor authentification on the company account. Once this option is activated, each User, Group Manager and Administrator will be able to set up double authentification on their own profile.

Authorize two-factor authentification

This action can only be performed by an Account Administrator. To activate this option, he must go to My Account Settings and then click on the Password Policy tab. Just check the Allow two-factor authentification option and save.

Activate two-factor authentification

This action can be performed by anyone with an account on the application, whether the profile is Administrator, Group Leader or User. To perform the configuration, it is necessary to open a Kizeo session on the Web application and to install the Google Authenticator application on a mobile. It is available on PlayStore and AppleStore.

Here are the steps:

1. From the web application, you must go to the View my profile page by clicking on the corresponding button, next to the flag, at the top and right of any page
2. Go to the Double Authentication tab and click on the Activate button
3. With the mobile, scan the QR Code using the Google Authenticator application
4. A code appears on Google Authenticator
5. Enter it in the field then click on Save
6. The message "Two-factor authentication is enabled!" is displayed. All you have to do is validate it
7. Two new keys are now appearing: Activate on a new device and Deactivate two-factor authentication
   
   

Open a session on the back-office

To open a session on the Web application, it is now necessary to have your mobile and to have launched the Google Authenticator application.

After entering the company code, the login ID and the password, you are now asked to enter the authentication code issued by Google Authenticator. Just enter it and click Authenticate.

Warning: The code changes every 30 seconds. If you enter a code that had changed when you opened the web application, you may get the following message. This is why it is recommended to first open Kizeo Forms on the PC and then Google Authenticator on the mobile.

Reminder: Double authentication is activated only on the profile from which it was configured.

For further information...

• How to view suggested lists on your form?
• Restricted mode, what is it?
• How to set up a validation policy on Kizeo Forms?
• Deep Linking
• Create regular expressions to check the complexity of passwords!

Do not hesitate to comment on this article !
We are available to answer your questions, suggestions, remarks, etc. !