Account Security Settings
You can configure account security settings such as two-factor authentication (2FA) with Google authenticator app, verification code to your smart phone and security questions for resetting the password.
- Account with less than 50 enrolled devices – Not mandatory to configure security settings. Account admins have the option to enable / disable 2FA in ‘Management’ > ‘Account Security Details’.
- Account with more than 50 enrolled devices – Security is mandatory. Account admins and users will have to configure the security settings on first login.
Click the links below for more information:
Account security settings with
less than 50 devices
- Click 'Management' > 'Account' > 'Account Security Details'
- Two-factor authentication adds additional security by requiring staff to present two forms of authentication before they can login to ITarian.
- They need to enter their regular UN/PW + a unique code sent to their mobile device.
- Enabling the feature means all users on the account will be taken through the two-factor setup process the next time they login. This feature is enabled by default after you create your ITarian account.
- Setup involves installing the Google Authenticator app on staff mobile devices. Each member of staff must pair their device with ITarian to obtain verification codes. Guidance on this is available in Pair an Authentication Device.
- To login, staff will enter a unique code generated by the app as well as their username and password. The verification code changes frequently.
- Users can also configure personal security questions for resetting passwords.
Configure two-factor
authentication
- Click 'Management' > 'Account'
- Select the 'Account Security Details' tab
- Select 'Enable Two Factor Authentication'
- Click 'Save Changes'.
- Click 'Configure Later' to setup two factor authentication during the next login
- Click 'OK' to setup the process now. Clicking 'OK' will log you out immediately and ask you to login again to continue the process.
- Admins and staff should pair their authentication device for two factor authentication when they login to ITarian for the first time.
- The following message appears on first login after enabling two factor authentication:
- Click 'Configure My Authenticator' to start the configuration process:
- Step 1 - Download the 'Google Authenticator' app and install it on your iOS or Android device.
- Open the 'Authenticator' app and tap the '+' icon'
- Step 2 - Scan the QR code with the device camera. This will cause the Google app to generate the 6 digit code you need to complete pairing.
- 'I can't scan the QR code' - Click this to reveal the token if you cannot use the QR code. You should manually type the token into the Google Authenticator app.
- Step 3 - After completing steps 1 and 2, a six digit authentication code is generated in the Google app. This code changes frequently and is unique to your account.
- Enter the verification code in the field provided on the form.
- Click 'Pair'
- A success message is shown along with 10 backup codes.
- You can use the backup codes to complete two-factor authentication if you do not have the authentication device with you. Please make a copy of the codes. Each code can only be used once.
Two-factor authentication is now configured.
- Click 'Next'. You will be logged in to your account.
- All users (new and existing) need to follow the two factor setup process described above the next time they login.
- On all subsequent logins, users need to open the Google Authenticator app on their mobile device, collect their new verification code and enter it at the ITarian verification screen.
- If the account admin resets two-factor authentication for a user, he/she will need to go through the setup process again. See 'Manage
Admins and Staff' to find about resetting
two-factor authentication.
- Click the user icon at top-right then ‘Settings’ from the drop-down, scroll down to the ‘Security Questions’ tile
- You can set password recovery answers to the security questions.
- This is used when you lost your password and use the option ‘Forgot password’ in the login screen.
- The security questions that you answered are shown here. If the challenge is successful, password reset mail is sent to your registered account email address.
- Complete the procedure to reset your password.
Account security settings with more than 50 devices
- Two-factor authentication and security questions for password reset procedure is mandatory for accounts that has more than 50 enrolled devices.
- After you logged in to your account, the procedure to configure security settings begins:
- Click ‘Improve Account Security’.
- Area – Select your country from the drop-down
- Enter your phone number in the next field and click ‘Send’
- A six digit code is sent to your phone
- Enter the code in the last field and click ‘Verify’
If verification is successful, you can proceed to the next step, else you will have the option to generate a new code again.
- Click ‘Next’
In the next step, you have to provide answers to the security questions. These security questions are used to authenticate when you use the ‘Forgot password’ option.
- Answers for the security questions are now only showing the initial character and the others are hidden.
- Select the question from the drop-downs and provide your answers.
- Click ‘Save’
Next, configure two-factor authentication:
- Click ‘Configure Two Factor Authentication’
Two options are available to choose from:
Option
1 – Via Authenticator Application
- Click ‘Configure Two Factor Authentication’
- Scan the QR code or click ‘I can’t scan the QR code’, enter the code and click ‘Verify.
- A confirmation message is shown:
Admins and staff that login to the account for the first time has to configure 2FA using Google authenticator. The configuration process is explained in Pair an Authentication Device for more information.
This option sends a one time code to your smart phone that you configured in the first step.
- Click ‘Configure Two Factor Authentication’
- Click ‘Send Code’
- Enter the security code that you received in your phone and click ‘Verify’
That’s it, the 2FA procedure is completed.
Update your phone number and password reset security questions
- Click the user icon at top-right then ‘Settings’ from the drop-down and scroll down to ‘Password and Account Settings’ section.
Phone Settings
- In the phone settings tile, update the number and complete the verification process.
- Click ‘Apply’.
-
Click the user icon at the top-right then click 'Settings'
-
Scroll down to the 'Password and Account Policies' tile:
-
Lockout Time - Length of time a user is prevented from logging in after 5 invalid login attempts. Options range from 30 – 150 minutes (30 mins default).
-
Session Timeout Time - Maximum length of time a user can remain logged into ITarian before they need to log in again. Options are 1 hour, 2 hours, and 4 hours (4 hours default).
-
Password Expiry Period - Maximum length of time a user can keep the same password before they need to change it. Options are 45 days, 90 days, 180 days, 365 days and 3 years. (3 years default). The password expiry period for the reseller account is 90 days by default.
Click Apply' for your settings to take effect
Password reset security questions
- Locate the ‘Security Questions’ tile
- Update the password recovery answers to the security questions.
- This is used when you lost your password and use the option ‘Forgot password’ in the login screen.
- The security questions that you answered are shown here. If the challenge is successful, password reset mail is sent to your registered account email address.
- Click ‘Apply’.
Login using Two Factor Authentication
The two-factor
authentication screen is shown after logging in. The 2FA screen
depends on the method selected for your account.
Google Authenticator
SMS Code
Enter code generated in Google authenticator app and click ‘Submit’.
SMS Code |
Click ‘Send code’ and enter that you received in the phone, then ‘Submit’.
This method is available for accounts with more than 50 enrolled devices.