Two-factor Authentication (2FA)
Two-factor authentication (also known as 2FA) is a subset of multi-factor authentication. It allows your users to enable additional protection for their SmartFile account by requiring a combination of two different factors to gain access. The two factors are something they know (e.g. their password), and something they have (usually their smartphone, their email, or an authenticator application).
2FA is an excellent way to improve your security profile and provide an added layer of protection to your data. Two-factor authentication affects logins to the web interface only.
Users who are able to set their own passwords can configure their own 2FA methods in their user profile. Other users, including administrators, do not have access to change the 2FA setup for a user.
Two-factor authentication is not required for your users; if your organization requires two-factor authentication for compliance reasons, each user must configure their own account to use 2FA.
Site Administrators can configure sitewide 2FA settings in the Password Management section of the Admin Dashboard.
Supported 2FA Methods
SmartFile offers 3 methods your users can choose from to meet their needs.
Authenticator Apps
These include apps that use TOTP (time based one-time password) such as Google Authenticator, Duo, and Authy. Authenticator apps are typically installed and used on mobile devices.
If you've lost access to your authenticator app, you can receive a backup code via email during the login process.
SMS (Text messages)
This method is considered less secure than using an authenticator app but still offers greater security than password alone.
If you've lost access to your phone, you can receive a backup code via email during the login process.
Email Verification
With this method, the user must supply a code sent to them via email each time they attempt to connect. Just like SMS, receiving a 2FA code with email is less secure than other options, but still better than relying on a password alone.
Last updated