To further strengthen the security of your site, LexBlog's Enterprise Platform includes two-factor authentication, which requires the use of a second factor (in addition to your standard username and password) to log in to your site. This added step ensures that if your username and password were ever stolen, access to your platform would remain protected. The second factor we're using is a time-based one-time password generated using your choice of several free smartphone apps.
You will need
- Your Enterprise Platform username and password.
- Your smartphone.
- A two-factor authentication app installed on your phone platform:
Log in to any site on your Enterprise Platform, hovering over Users in the left menu and clicking on Your Two-Factor Authentication in the expanded menu. Just like your username and password, two-factor authentication will work on any of your sites on Enterprise Platform once you set it up on one.
Scroll down to the Your current one-time password, QR code/private key and emergency codes section to scan your QR code with your two-factor authentication smartphone app. Alternatively you can enter your short alphanumeric private key into your two-factor authentication smartphone app.
For details on how to operate your two-factor authentication app, please visit the official support pages of the app for your device operating system. Here are the support pages of popular two-factor authentication apps:
Once you've scanned your QR code or entered your private key into your two-factor authentication app on your smartphone, you will see a six digit number that refreshes every 30 seconds. On the Your Two-Factor Authentication page click the Refresh for current code link, and confirm that the six digit number on the page matches the current number in your two-factor authentication app.
Under Emergency codes on the Your Two-Factor Authentication page, copy the three six digit codes and store them in a safe place. Each of these codes may be used once to log in to your account if you don't have your two-factor authentication device. When you use your last emergency code, you will need to follow these steps again to set up two-factor authentication with a new QR code/private key.
Under Activate two-factor authentication on the Your Two-Factor Authentication page, click Enabled to complete the activation.
Now when you log in to a site on your Enterprise Platform, after entering your username and password, you will be directed to a page where will you have to enter the six digit code in your two-factor authentication app to complete your login process.
Frequently Asked Questions
How do I stay logged in on a trusted device?
To remain logged in for two weeks on a trusted device, be sure to check the "Remember Me" box below the password field on the login page.
What if I don't have my two-factor authentication device or my emergency codes?
You should contact your Enterprise Platform administrator at your firm. They will be able to temporarily disable two-factor authentication for your account or provide your emergency codes. For security reasons, we are unable to disable two-factor authentication or provide your emergency codes.
As an Enterprise Administrator, how do I help a user get access if they don't have their two-factor device or emergency codes?
Log in to a site on your Enterprise Platform with your Site Admin account, then hover over My Sites in the toolbar and click on the Dashboard link for the site name containing "Network Dashboard." Once you are on that dashboard, hover over Users then select Add User. Then under Add an existing user to this site enter the user's email address to add them to this site.
Then hover over Settings in the left menu and click Two-Factor Authentication. This page contains settings that affect every site and user on your Enterprise Managed Platform.
Scroll to the Manage users' settings section, and click the field to enter their username. Then click the Get codes button to get the user's emergency codes. If they have lost their two-factor device or used all of their emergency codes, you can click the Deactivate Two-Factor Auth button to allow them to log in and set up two-factor authentication again. You can even deactivate two-factor for the user and then click Activate Two-Factor Auth to get their new secret key and emergency codes to share with them securely.
How do I require users to set up two-factor authentication?
By default, two-factor authentication is available to all users to set up for their account but is not required. To require it for certain user roles, log in to a site on your Enterprise Managed Platform with your Site Admin account, then hover over My Sites in the toolbar and click on the Dashboard link for the site name containing "Domain Routing Page." Once you are on that dashboard, hover over Settings in the left menu and click Two-Factor Authentication. This page contains settings that affect every site and user on your Enterprise Managed Platform.
Under the Make two-factor authentication compulsory section, check the boxes next to the user roles you would like to require to use two-factor authentication. We recommend requiring two-factor of Administrator and Editor roles at least. You can set a grace period for new users to set up their two-factor authentication (default is 10 days). Note: Requiring two-factor will lock out any users of those roles who haven't set up two-factor authentication yet. We recommend communicating a deadline for two-factor activation with your users and then enforcing the requirement after the deadline.