You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
Home > HappyFox Service Desk > Account Setup & Configurations > Security Settings and Configurations > How to configure Two Factor (2FA) Authentication in Service Desk?
How to configure Two Factor (2FA) Authentication in Service Desk?
print icon
Dec 28, 2023
views icon 213

What is Two Factor Authentication?
Two-Factor Authentication (2FA) is a security mechanism that will an extra layer of protection to user login. Instead of relying only on a password, 2FA requires an additional piece of information, typically like a code, smartphone, hardware token, fingerprint or facial recognition. This helps prevent unauthorised access, as even if someone knows your password, they would still need the second factor to log in successfully. This article explains how to configure two factor authentication in Service Desk and how it will work when agents login to their accounts.

 

Required Permission

Manage Security Settings

  • Agents with this permission will be able to access the Two Factor Authentication module under Service Desk > Manage > General Settings section > Security module
  • This is a Account Level Permission.

How to configure Two Factor Authentication(2FA)?

Two factor authentication can be enabled for all agents at account level and also each agent can choose to enable it themselves from their respective account settings. More details are explained below.

Enabling Two Factor Authentication(2FA) at Account level

  • Once this settings is enabled, all the agents will be forced to configure 2FA before they can continue to access service desk.
  • Only when they setup 2FA they will be allowed to access service desk.

 

Enabling Two Factor Authentication(2FA) at Agent Account level

Agents can enable two factor authentication by following the steps below

  • Every service desk agent will see an additional tab called Security within their My Settings section as shown below.

  • The agent should then download the Google Authenticator app (available for both iOS and Android devices) and scan the QR code displayed on the screen. Alternatively, they can enter the secret key to configure the code generator.

  • A verification code will be displayed in the agent’s authenticator app.

  • This verification code should be entered to complete the authentication process.

  • On successful verification, a set of backup codes will be displayed to the agent. These codes can either be downloaded or copied for future use. In case of a device compromise, backup codes can be used as replacement for the verification/sign-in code during login.

  • A backup code can be used only once. If all the generated backup codes are used, a new set can be generated.

Note:

  • Once the initial setup is done, the agent can re-configure two factor authentication if needed.
  • On re-configuring, old code generators (if any) will be rendered obsolete.
  • Verification codes generated using the old QR code will no longer work.

 

Two factor authentication during agent login

  • Once two factor authentication is enabled, the agent will be prompted to enter the verification code (sign-in code) generated using Google Authenticator app after a successful email and password validation.

  • If the agent is unable to access the authenticator app, backup codes can also be used for login.

  • If an agent enters incorrect validation code, they will be prompted to try again. If the validation code is incorrect even during the subsequent prompt, then Service Desk treats this as an invalid login attempt. The user is taken back to the login screen and will have to authenticate again (via email or password) before they can enter the validation code.

  • Repeatedly entering incorrect validation codes can result in account lockout.

Note:

  • Two factor authentication is available only to users who use traditional email and password combination for logging into Service Desk.
  • Customers dependent on Single-Sign-On (SSO) for logging in to Service Desk, will have to configure two factor authentication on their respective Single-Sign-On (SSO) provider’s portal.

 

Benefits of Two-Factor Authentication (2FA) in Service Desk

  • Enhanced Security: Implementing 2FA adds an extra layer of security to the user accounts, reducing the risk of unauthorised access and potential data breaches.
  • Reduced Risk of Credential Theft: Since 2FA requires a second factor beyond passwords, it becomes more challenging for attackers to steal login credentials and gain unauthorised access to the accounts.
  • Protection Against Phishing: 2FA can protect against phishing attacks, where attackers attempt to trick users into revealing their passwords. Even if a user falls for a phishing attempt, the attacker would still need the second factor to gain access.
  • Compliance Requirements: Many industries and organisations are subject to compliance regulations that require additional security measures like 2FA to protect sensitive information.
  • Improved User Trust: Users feel more confident knowing their accounts have an extra layer of protection, leading to increased trust in the service desk and the organisation's overall security practices.

 

Related articles

What is Account Lockout?

 

Feedback
0 out of 0 found this helpful

Tags

close button
scroll to top icon