Two-factor authentication, or 2FA, is an additional layer of security known as multifactor authentication that requires not only a password and username but also something that only that user has on them.
We suggest the following for strong security:
- Create a secure password.
- Do not give out your login details to anybody else.
- Use two-factor authentication for all users.
Tilaa supports Google Authenticator and other compatible authenticator applications for two-factor authentication (2FA). Yubikey and one-time-use emergency backup codes are also supported by Tilaa.
What exactly is Google Authenticator?
Google Authenticator is a program that provides two-step verification services by using a time-based one-time password. The Authenticator generates a 6-to-8-digit one-time password that users must enter along with their username and password to log in.
What exactly is a YubiKey?
A YubiKey is a small device that plugs into your USB-port that can generate OTP-Passwords when prompted by simply pressing the small button that is embedded into the device.
Please note, that we only support YubiKey devices that support the OTP functionality, FIDO U2F based keys are currently not supported.
Enabling Two-Factor Authentication:
There are 2 ways to set up two-factor authentication for your Tilaa account.
- First, go to your Dashboard and look for the security box on the main page. When you click the details, you will be directed to the security page.
- Another method is in the main navigation, under the Account heading, click ‘Security’.
- When you click the ‘Setup Two-Factor Authentication’ button, you’ll be asked to choose between Google authenticator or YubiKey.
Choosing the Google Authenticator:
Google Authenticator can be activated by clicking ‘Activate’ beneath Google Authenticator. Scan the QR code with your phone's camera by opening the Google Authenticator app and selecting ‘Begin Setup’, then selecting ‘Barcode’, and scanning the QR code.
Fill in the 6-digit code generated on your phone.
If you haven't already, you can add your mobile phone number to your account on the page on our website. You will be able to reset or retrieve access to your Tilaa account if you misplace your 2FA device.
Choosing the Yubikey
You'll need one of Yubico's Yubikey USB devices to use Yubikey Authentication.
You can activate YubiKey by clicking ‘Activate’ underneath YubiKey. Click in the field on the right-hand side and generate one-time passcodes with a YubiKey hardware dongle.
Click on ‘Submit’.
If you have not added your mobile phone number to your account, you can also add that on the page on our website. In the event you misplace your 2FA device, you will be able to reset or retrieve access to your Tilaa account.
Download the backup codes and keep them somewhere safe.
Globally enforce two-factor authentications
If you want all the users on your account to use 2FA you can globally force this from our Dashboard. Head over to the Two-Factor Authentication option to configure.
When you have 2FA active, you can choose to enable the policy globally for all users. Toggle the option you want to force (YubiKey or Google Authenticator) and click on ‘Save’.
Restoring access with 2FA
Backup codes can be used to sign in if you have lost your device, phone, or are otherwise unable to receive codes. These codes can be found on the right side of the Two-Factor Authentication menu.
Backup codes were first made available to you at the end of the two-factor verification setup. The codes come in groups of 10, and you can generate a new set at any time, rendering the old set inactive. Furthermore, once you've used a backup code to sign in, it will become inactive.
We recommend that you keep your codes in the same location where you keep your other valuable items. Back-up codes, like phone codes, are only valuable to someone if they also manage to steal your password.
I've lost my backup codes for 2FA
Did you lose both your 2FA device and backup codes and are you unable to enter you Tilaa account? Please contact support. We’re happy to help!
Comments
Article is closed for comments.