Setting up two-factor authentication

To further strengthen the security of your site, LexBlog's Premier Managed Platform includes two-factor authentication, which requires the use of a second factor (in addition to your standard username and password) to log in to your site. This added step ensures that if your username and password were ever stolen, access to your platform would remain protected.

The second factor we're using is a time-based one-time password generated using your choice of several free smartphone apps.

You will need:

  1. Your Premier Managed Platform username and password
  2. Your smartphone
  3. A two-factor authentication app for your specific phone platform, such as:
    1. Authy (Android or iOS)
    2. Duo Mobile (Android, iOS or Windows)
    3. Google Authenticator (Android or iOS)
    4. LastPass Authenticator (Android, iOS or Windows)
    5. Microsoft Authenticator (Android, iOS or Windows)

Follow these steps:

1. Download a two-factor authentication app onto a trusted mobile device you will have with you when you need to log in to your site.

2. Set up two-factor authentication by logging in to any site on your Premier Managed Platform, hovering over Users in the left menu and clicking on Your Two-Factor Authentication in the expanded menu. Just like your username and password, two-factor authentication will work on any of your sites on Premier Managed Platform once you set it up on one. 

3. Scroll down to the Your current one-time password, QR code/private key and emergency codes section to scan your QR code with your two-factor authentication smartphone app. Alternatively you can enter your short alphanumeric private key into your two-factor authentication smartphone app.

 

For details on how to operate your two-factor authentication app, please visit the official support pages of the app for your device operating system. Here are the support pages of popular two-factor authentication apps:

4. Once you've scanned your QR code or entered your private key into your two-factor authentication app on your smartphone, you will see a six digit number that refreshes every 30 seconds. On the Your Two-Factor Authentication page click the Refresh for current code link, and confirm that the six digit number on the page matches the current number in your two-factor authentication app.

5. Under Emergency codes on the Your Two-Factor Authentication page, copy the three six digit codes and store them in a safe place. Each of these codes may be used once to log in to your account if you don't have your two-factor authentication device. When you use your last emergency code, you will need to follow these steps again to set up two-factor authentication with a new QR code/private key.

6. Under Activate two-factor authentication on the Your Two-Factor Authentication page, click Enabled to complete the activation.

7. Now when you log in to a site on your Premier Managed Platform, after entering your username and password, you will be directed to a page where will you have to enter the six digit code in your two-factor authentication app to complete your login process.

Frequently Asked Questions

How do I stay logged in on a trusted device?

To remain logged in for two weeks on a trusted device, be sure to check the "Remember Me" box below the password field on the login page.

What if I don't have my two-factor authentication device or my emergency codes?

You should contact your Premier Managed Platform administrator at your firm. They will be able to temporarily disable two-factor authentication for your account or provide your emergency codes. For security reasons, we are unable to disable two-factor authentication or provide your emergency codes.

As a Premier Administrator, how do I help a user get access if they don't have their two-factor device or emergency codes?

Log in to a site on your Premier Managed Platform with your Site Admin account, then hover over My Sites in the toolbar and click on the Dashboard link for the site name containing "Domain Routing Page." Once you are on that dashboard, hover over Users then select Add User. Then under Add an existing user to this site enter the user's email address to add them to this site.

Then hover over Settings in the left menu and click Two-Factor Authentication. This page contains settings that affect every site and user on your Premier Managed Platform.

Scroll to the Manage users' settings section, and click the field to enter their username. Then click the Get codes button to get the user's emergency codes. If they have lost their two-factor device or used all of their emergency codes, you can click the Deactivate Two-Factor Auth button to allow them to log in and set up two-factor authentication again. You can even deactivate two-factor for the user and then click Activate Two-Factor Auth to get their new secret key and emergency codes to share with them securely.

How do I require users to set up two-factor authentication?

By default, two-factor authentication is available to all users to set up for their account but is not required. To require it for certain user roles, log in to a site on your Premier Managed Platform with your Site Admin account, then hover over My Sites in the toolbar and click on the Dashboard link for the site name containing "Domain Routing Page." Once you are on that dashboard, hover over Settings in the left menu and click Two-Factor Authentication. This page contains settings that affect every site and user on your Premier Managed Platform.

Under the Make two-factor authentication compulsory section, check the boxes next to the user roles you would like to require to use two-factor authentication. We recommend requiring two-factor of Administrator and Editor roles at least. You can set a grace period for new users to set up their two-factor authentication (default is 10 days). Note: Requiring two-factor will lock out any users of those roles who haven't set up two-factor authentication yet. We recommend communicating a deadline for two-factor activation with your users and then enforcing the requirement after the deadline.

Have more questions? Submit a request

0 Comments

© LexBlog | Terms of Service | Privacy Policy