Two-step authentication adds extra security by requiring two forms of identification when your users sign into their accounts. When enabled, as well as an email address and password, users will need a unique passcode generated by an authenticator app to log in to their account.
Before you start
Before you enable two-step authentication there are some useful things you should know:
Users will need to download a two-step or two-factor authentication app to their mobile device such as Google Authenticator, Authy or Authenticator Plus.
Users will also need their mobile device to generate a passcode. If they lose or damage their device, they must contact an Account Administrator to reset or turn off two-step authentication.
How to enable two-step authentication
To turn on two-step authentication for a user, follow the steps below:
1. Click the Account Name > Admin.
2. By default, you'll be taken to the Users page in the User Management section.
3. Find the user you wish to enable two-step authentication for by using the Filter options available.
4. Click the Edit icon, found at the right-hand side of the User record.
Note: You can also click the three dots icon and select Edit from the drop-down.
5. In the Edit User window, click the Two-Step Authentication tab.
6. Tick the Two-step authentication enabled checkbox.
7. Click Update.
Note: If you want to disable two-step authentication for a user, follow steps 1-5, untick the Two-step authentication enabled checkbox and click Update.
How to configure the authentication device
Once two-step authentication is enabled, the user will be required to configure two-step authentication when they next sign in. They can do this by completing the following steps:
1. Sign into the ExpenseIn web portal and the user will be prompted to configure two-step authentication.
2. The user will open their authenticator app and add a new account by scanning the QR code.
3. Once configured, the user will go back to ExpenseIn and enter the current 6-digit verification code provided by the authenticator app.
4. The user must click Configure & Sign In to finish the configuration.
Once two-step authentication has been fully configured, the user will need to sign in using two-step authentication.
Note: If a user is having trouble scanning the QR code to configure two-step authentication, ask them to try moving their phone further away from the screen. Certain devices work better further away than you would think, in particular, Google Android devices.
The user may need to see the documentation for their specific authenticator app for more details on configuring two-step authentication on their device.