In order to log into their licence, a user has to use their user name and the personal password that they defined themselves after receiving their access confirmation e-mail.
The access to a licence is therefore linked to the e-mail address of a user.
To provide increased security, and in particular to protect private data as required by GDPR, Actito offers the possibility to set up "two-factor authentication".
The concept of "two-factor authentication" (or 2FA) consists of requiring more than one piece of evidence before a user is allowed to log in.
To be effective, the authentication method should combine two factors of a different nature:
Something the user knows: the principle is identical to standard single-factor authentication. This is a password.
Something the user has: a code sent to a communication tool belonging to the user. This one-time code will have to be provided to log in.
Two options are available for sending the code:
The code will be sent by SMS message to a mobile phone number associated with the user account. Therefore, only someone in possession of the phone will be able to connect to the licence. As mobile phones are usually kept on oneself at all times, this makes it possible to set up strong security without inconveniencing the users.
To activate SMS two-factor authentication, a valid mobile phone number must be provided for each user.
The licence administrator can complete the existing user accounts with a mobile phone number in the "Manage users" application.
Every new user account must have a valid mobile phone number.
The code will be sent to the e-mail address associated with the user account. As we strongly advise creating Actito accounts only with a professional address, anyone who needs to log into the licence will be able to easily retrieve the code from their professional mailbox.
As an e-mail address is required at the creation of any new user, there is no additional prerequisite to the use of e-mail 2FA. This implies, however, that the code will be sent to the same mailbox as the one used by the password reminder process, so access to that mailbox gives access to both the password reset and the code.
To set up two-factor authentication, the licence administrator should make a request to their account manager (Customer Success Manager) or to the Actito support (email@example.com).
Good to know
2FA must be activated globally on a licence. It is not possible to only activate 2FA for specific users.
Similarly, the chosen communication channel (SMS or e-mail) will be the same for everyone.
To connect to your licence after activating "2FA", your authentication will be done in 2 steps.
The first one will remain identical to single factor authentication. You need to provide:
The name of the licence
Your login (user name)
Your password (which is still linked to your e-mail address)
If the login and password combination is correct, you will receive a code by SMS message or by e-mail and you will be directed towards a second screen.
Enter the code to access the licence.
If the code is incorrect, you will go back to the first screen and will have to provide your password again.
The code also acts as a warning if someone has acquired your password and tries to connect to your account.
If you receive an SMS message or an e-mail when you did not try to log in, please contact firstname.lastname@example.org.
Once sent, the code will remain valid for 5 minutes or until the next request (in which case only the new code is valid).
It is possible to request the code to be sent again (once per minute), but it requires you to re-enter your password.
The input of several erroneous codes in a row will temporarily block the user account.
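The code lifetime rules above (5-minute validity, replacement by the next request, one resend per minute, temporary block after repeated wrong codes) can be modelled server-side as follows. This is an added example, not Actito's code: the class name SecondFactor, the six-digit code format, and the lock threshold and duration are assumptions, since the page only says "several" and "temporarily".

```python
import hmac
import secrets

CODE_TTL = 5 * 60        # from the page: a code stays valid for 5 minutes
RESEND_INTERVAL = 60     # from the page: a new code at most once per minute
MAX_FAILURES = 3         # assumption: the page only says "several" wrong codes
LOCK_SECONDS = 15 * 60   # assumption: the page only says "temporarily"


class SecondFactor:
    """In-memory one-time-code state, keyed by user name (hypothetical)."""

    def __init__(self):
        self._codes = {}     # user -> (code, issued_at)
        self._failures = {}  # user -> consecutive wrong codes
        self._locked = {}    # user -> time at which the lock ends

    def is_locked(self, user, now):
        return now < self._locked.get(user, 0)

    def issue(self, user, now):
        """Call only after the password check succeeded. Returns the code to
        send by SMS or e-mail, or None if the request is refused."""
        if self.is_locked(user, now):
            return None
        previous = self._codes.get(user)
        if previous and now - previous[1] < RESEND_INTERVAL:
            return None
        code = f"{secrets.randbelow(10**6):06d}"
        self._codes[user] = (code, now)  # overwrites: the older code is dead
        return code

    def verify(self, user, submitted, now):
        if self.is_locked(user, now):
            return False
        code, issued_at = self._codes.get(user, ("", float("-inf")))
        fresh = now - issued_at <= CODE_TTL
        # Constant-time comparison; an expired or missing code never matches.
        if fresh and hmac.compare_digest(code.encode(), submitted.encode()):
            del self._codes[user]          # one-time: cannot be replayed
            self._failures[user] = 0
            return True
        self._failures[user] = self._failures.get(user, 0) + 1
        if self._failures[user] >= MAX_FAILURES:
            self._locked[user] = now + LOCK_SECONDS
            self._failures[user] = 0
            self._codes.pop(user, None)
        return False
```

Times are passed in as seconds so the rules can be exercised without waiting; a real service would use its clock and persistent storage.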