Use two-step login as an additional security step when logging in to onboard.
Feature
The risk of systems being hacked and data being misused is constantly increasing.
The most common causes are usually weak or (unintentionally) passed on passwords of the users.
To provide additional protection for your data in onboard, we offer two-step login.
When using 2-step login, the login to onboard must be confirmed with a security code in addition to the password.
This code is valid once for a short period and is displayed via an app for authentication. The user chooses which app to use.
With the use of this feature, the login in onboard becomes even more secure, as in addition to the password, a new security code is required each time you log in.
You can require your users to use this feature, or keep it optional.
Using the 2-step login
The instructions on how to use the function for users.
Other security settings
Certain security settings can be predefined.
Frequently asked questions
What do I need the 2-step login for?
The 2-step login serves as an additional security step. While the chosen passwords could possibly be passed on, each security code is only available on the user’s own smartphone, is only valid for one login, and must be entered in a short time.
How can I require my users to use two-step login?
You can make this security setting under “Roles & Access” -> “Security”.
If there are already registered users in onboard, they will be prompted to activate the login in two steps after the changeover.
We use mandatory two-step registration. A user cannot register despite receiving an invitation, even though the correct code from the Authenticator app has been entered. What could be the reason for this?
Check whether the time setting on the smartphone is set to “automatic.” The time on the smartphone must not differ from the world time, otherwise an error will be detected when entering the one-time password (OTP). The reason for this is that the system detects a time difference between the creation and use of the OTP and therefore a new valid code would already be available in the authenticator app.