Two factor authentication

You can enable two-factor authentication for the Developer Portal. This feature adds an extra level of security for users attempting to access the Developer Portal.

Before you begin

You must have administrator access to complete this task.

About this task

You can also enable the "Trusted Browsers" feature, to allow trusted browsers to bypass the two-factor authentication process for 30 days. When two-factor authentication is enabled, you can configure who needs to use two-factor authentication to access the Developer Portal

Procedure

To enable two-factor authentication, complete the following steps:

  1. Click Configuration in the administrator dashboard.
  2. Under PEOPLE, click Two-factor Authentication.
  3. Select the Enable TFA check box. The view expands to show the configuration options for two-factor authentication.
  4. Under Login plugins, you can optionally select the Trusted Browsers check box. The view expands to show the configuration options for trusted browsers. This feature enables users to mark specific web browsers as trusted, which will cause the TFA token request from that browser to be skipped for 30 days.
  5. Click Save configuration. Two-factor authentication is now available for administrators.

To configure who needs to use two factor authentication to access the Developer Portal, complete the following steps:

  1. Click People in the administrator dashboard.
  2. Select the PERMISSIONS tab.
  3. In the Filter list field, type TFA . The following permissions will show under the PERMISSION heading:
    • Set up TFA for account - Sets who can turn on two-factor authentication for their account, by default this is only administrators.
    • Require TFA process - Forces users in a specific role to use two-factor authentication. If two-factor authentication is enabled for a role but not for a specific user with that role assigned to them, they will be prompted to set up two-factor authentication when they log in.
    • Bypass force TFA setup - Enables a specific role to bypass the two-factor authentication and still log in. This can be useful for the prevention of the admin user being locked out of the Developer Portal.
    • Administer TFA - Allows the modification of two-factor authentication settings. This permission should only granted to users with administrator roles.
  4. Select and deselect the check boxes in the columns for each role to assign the previously listed permissions to each role.
  5. Click Save permissions. You have enabled and configured two-factor authentication.