2FA - Two Factor Authentication

You can add an additional layer of protection and security to your Noloco app by enabling 2FA (Two Factor Authentication) in the Sign in Options.

2FA adds an additional factor, or form, of identification to the Identity and Access Management process so that users need to know something - their password - and have access to something - an OTP from an authenticator app - in order to access your organization’s data. Users can generate one-time passwords (OTPs) with an authenticator app such as Google Authenticator or Authy.

Users on the Enterprise plan can access 2 Factor Authentication features by default as part of their plan. Business users have the option of enabling 2FA, but not enforcing it.

Add 2FA to your app

After opting in to 2FA, you must publish your app for 2FA to be enabled.

To add 2FA as a sign-in option to your app, go to “Settings > Login & Sign Up > Two-Factor Authentication” or open this link: https://portals.noloco.io/~/_/settings/sign-in. Then click on the toggle to require a second factor of authentication during sign-in.

For Enterprise users, enabling this setting creates two opportunities for users to enable 2FA in their apps. The first is for new users, who can enable 2FA when they sign up for your app for the first time. The second is for existing users of your app, who can add 2FA to their existing accounts.

Once you have chosen to add 2FA in your app you must then publish your app for these changes to take effect.

Enable 2FA at Sign up

1. Users can sign up for your app in the usual way, and after they have entered their password they will be prompted to link their authenticator app. This can be done by scanning the QR code or by typing the 24-character code directly into their authenticator app.

2. Confirm Linking

Once the user has successfully connected to the authenticator app they will be prompted to enter a one-time password to confirm they have access to this second factor.

3. Download Backup Codes

After confirming, users will be prompted to download a .txt file with some backup codes. These codes can be used in the event of the user losing access to their authenticator app. The codes must be stored securely in a safe place.

Enable 2FA on an existing Account

1. Turn on 2FA

If your users already have accounts and you want them to add 2FA retrospectively, they can do so by clicking on the user icon in the bottom left corner of the screen.

2. Start Setup

A modal will appear with guidance on how to enable 2FA.

3. Next, the user will be prompted to link their authenticator app. This can be done by scanning the QR code or by typing the 24-character code directly into their authenticator app.

4. Confirm Linking

Once connected to the app the user will need to confirm by entering a one-time password (OTP) that has been generated in the authenticator app.

5. Download Backup Codes

Finally, the user is prompted to download their plain text backup codes. These codes can be used in the event that the user loses access to their authenticator app and should be stored securely in a safe place.
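The link, confirm and backup-code steps in both procedures above, sketched from the server's side as an added example (this is not Noloco's code). It assumes the OTPs are standard TOTP (RFC 6238, the scheme Google Authenticator and Authy support), that the 24-character code is a base32-encoded secret, and that backup codes are single-use and stored hashed; all function names and the count of 10 codes are hypothetical.

```python
import base64, hashlib, hmac, secrets, struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default; assumed here)

def new_secret() -> str:
    """15 random bytes -> exactly 24 base32 characters, no padding (assumed format)."""
    return base64.b32encode(secrets.token_bytes(15)).decode()

def totp(secret_b32: str, now: float, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1, the default that authenticator apps use."""
    key = base64.b32decode(secret_b32.replace(" ", "").upper())
    counter = struct.pack(">Q", int(now // STEP))
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def confirm_linking(secret_b32: str, submitted: str, now: float, window: int = 1) -> bool:
    """Accept the OTP for the current step or +/- `window` steps of clock drift."""
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, now + drift * STEP)
        # Constant-time compare with no early exit, so timing leaks nothing.
        ok |= hmac.compare_digest(expected.encode(), submitted.strip().encode())
    return ok

def new_backup_codes(count: int = 10):
    """Return (plaintext codes for the .txt download, hashes for server storage)."""
    codes = [secrets.token_hex(10) for _ in range(count)]  # 80 random bits each
    return codes, {hashlib.sha256(c.encode()).hexdigest() for c in codes}

def redeem_backup_code(stored_hashes: set, submitted: str) -> bool:
    """Single use: a matching hash is removed so the code cannot be replayed."""
    digest = hashlib.sha256(submitted.strip().encode()).hexdigest()
    if digest in stored_hashes:
        stored_hashes.remove(digest)
        return True
    return False

if __name__ == "__main__":
    secret = new_secret()
    otp = totp(secret, 1_700_000_000)  # constructed timestamp
    print(len(secret), confirm_linking(secret, otp, 1_700_000_000))
```

The confirm step matters because it proves the user's authenticator holds the same secret before 2FA is switched on for the account, and storing only hashes of the backup codes means a database leak does not expose usable codes.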

Reset 2 Factor Authentication

App admins can reset two-factor auth for their end users via the Users table. Once 2FA has been enabled you will see a new "2FA setup Complete" column in the user table. Right-clicking on this field will allow you to reset 2FA for your end users.
