During installation, two-factor authentication is automatically set up to provide an extra layer of security against unauthorized access. Users with DefenseStorm Admin permissions can reset the 2FA settings by selecting Settings > Users > 2FA column > Reset 2FA. If you only have one DefenseStorm Admin and their account requires reset, call DefenseStorm for assistance. To eliminate the need to contact support, have two DefenseStorm Admins so they can reset each others 2FA if necessary.
Setting up two-factor authentication
To set up two-factor authentication as an individual user:
- Go to Settings > Profile and select Set Up.
- Select device type (Android, Blackberry, iOS, Windows Phone). While the UI mentions Google Authenticator, Authy, and Salesforce are two common alternative 2FA applications.
- After completing the instructions for your device, select Enter Generated Code, and enter code generated by your chosen authentication app. *YubiKey Note: To use it with the GRID, go to Settings > Profile > turn on U2F.
- Select Verify to enable 2FA. It will be required upon next login.
Using two-factor authentication
- Go to the DefenseStorm UI.
- Enter your username and password. Verification code prompt displays. If using YubiKey, it asks you to touch device for authentication, no code needed.
- Open your authenticator app and enter the 6 to 8 digit verification code associated with your DefenseStorm account.
- Once the code is entered correctly, you are fully logged into the system.
If your generated 2FA code is not accepted, check the time difference on your 2FA device and the device used to access the GRID. If they are more than 30 seconds off, the generated code will not work. Make sure the following settings are implemented:
- Phone is up-to-date
- Time is set to automatic
- Phone and the GRID are set to the same time zone