This feature allows HappyFox agents to configure two factor authentication using an authenticator app (Google Authenticator) for added security.
Note: Two factor authentication is available only to users who use traditional email/password combination for logging in. Customers dependant on SSO for logging in to HappyFox, will have to configure two factor authentication on their corresponding SSO provider’s portal.
Two factor authentication can be enabled for all agents at account level or each agent can choose to enable it themselves.
Enabling 2FA at account level
Agents having “Manage Security” permission can navigate to Manage >> Security >> Two factor Authentication(tab) and enable the feature as shown below.
Once this is enabled, on the next login, all the agents will be forced to configure 2FA before proceeding into the app as shown below.
Enabling 2FA at agent level
Agents can enable two factor authentication by following the steps below
Every agent in your HappyFox account will see an additional tab called “Security” within their “My Settings” section as shown below.
The agent should then download “Google Authenticator” app (available for both iOS and Android devices) and scan the QR code displayed displayed on the screen. Alternatively, they can enter the secret key to configure the code generator.
A verification code will be displayed in the agent’s authenticator app. This verification code should be entered to complete the authentication process.
On successful verification, a set of backup codes is displayed to the agent. These codes can either be downloaded or copied for future use. In case of a device compromise, backup codes can be used as replacement for the verification/sign-in code during login.
Note: A backup code can be used only once. If all the generated backup codes are used, a new set can be generated.
Once the initial setup is done, the agent can re-configure two factor authentication if needed.
Note: On re-configuring, old code generators (if any) will be rendered obsolete. Verification codes generated using the old QR code will no longer work.
2FA during agent login
Once two factor authentication is enabled, the agent will be prompted to enter the verification code (sign-in code) generated using Google Authenticator app after a successful email/password validation.
If the agent is unable to access the authenticator app, backup codes can also be used for login.
If an agent enters incorrect validation code, he is prompted to try again. If the validation code is incorrect even during the subsequent prompt,, then HappyFox treats this as an invalid login attempt. The user is taken back to the login screen and will have to authenticate himself (via email/password) before he can enter his validation code. Repeatedly entering incorrect validation codes can result in account lockout.