Two-step authentication adds extra security by requiring two forms of identification when your users sign into their accounts. This means that as well as an email address and password, users will need a unique passcode generated by an authenticator app to login to their account.
Before you start
Before you enable two-step authentication there are some useful things you should know first.
Users will need to download a two-step or two-factor authentication app to their mobile device such as Google Authenticator, Authy or Authenticator Plus.
Users will also need their mobile device to generate a passcode. If they lose or damage their device, they must contact an account administrator to reset or turn off two-step authentication.
Enabling two-step authentication
To turn on two-step authentication for a user, complete the following steps:
1. Go to Admin > Users.
2. Find the user you want to enable two-step authentication for. You can use the filter options available if required to help find the user.
3. Click Edit against the user you wish to enable two-step authentication for, and the Edit User box will be displayed.
4. Click the Two-Step Authentication tab and tick the Two-step authentication enabled checkbox.
5. Click Update to save the changes.
Please Note: If you want to disable two-step authentication for a user at any time, you can do this by following the above steps but instead untick the Two-step authentication enabled checkbox.
Configuring authentication device
Once two-step authentication is enabled, when the user next signs in they will be required to configure two-step authentication. They can do this by completing the following steps:
1. Open the authenticator app.
2. In the app add a new account and scan the QR code.
3. Once configured, go back to ExpenseIn and enter the current 6-digit verification code provided by the authenticator app.
4. Click Configure & Sign in to finish the configuration.
See the documentation for your specific authenticator app for more details on configuring two-step authentication on your device.
Once two-step authentication has been fully configured, the user will need to sign in using two-step authentication.
Please Note: If a user is having trouble scanning the QR code to configure two-step authentication, ask them to try moving their phone further away from the screen. Certain devices work better further away than you would think, in particular Google Android devices.
Related Articles