In this article you can read about the security measures of two-factor authentication and how you can set this up in Basecone. By using this option, the Basecone environment is more secured. When you enable this option, it is mandatory for all users to log in with a verification code that is sent by SMS in addition to the known login details registered in Basecone.
However, this setting is not mandatory. A Super user can enable this setting for the whole office environment and this will be applied to all users in the office.
By default, the setting for two-factor authentication is set to No.
How can I enable the two-factor authentication?
To enable the two-factor authentication, you can follow the steps below:
- Login as Super user
- Go to Settings - Office - General (tab)
- Enable the two-factor authentication
The settings can be found in the office settings under the general tab, and can only be enabled or disabled by the Super user. When you try to enable this setting, you will be prompt for confirmation before activating this setting. A pop-up screen will open informing you that this setting will affect all users in the office and that all users must be notified about this. You can click on yes to confirm this setting and then it will be changed to mandatory.
When the two-factor authentication is enabled, it is very important that each user to register their mobile number in Basecone. When logging into Basecone, each user must enter an SMS code that he / she receives on their mobile phone when logging into Basecone, next to their username, password and office code.
Two fields have been added to the user settings:
- Two-factor authentication
The two-factor authentication field shows the office setting and cannot be adjusted by the user (this is grayed out)
- Mobile number
The phone number registered to which the SMS is sent with the verification code
The mobile number can be registered in the following two ways:
- Logging in the first time
The user is asked to enter his/her mobile number. The SMS with verification code is sent and then entered. After logging in with this code the mobile number is saved with the status confirmed.
- User settings
A user with the role Super user and / or Accountant can enter the mobile number, although this number is not confirmed. The user will be able to confirm this number with the verification code when they log in to Basecone.
The mobile numbers are only used by Basecone to send a verification code by SMS.
The mobile number is stored with the country code, the number can be entered with or without a country code. If the country code has been added (eg +44) the flag of the country will be changed to the entered country (in this case UK).
If the country code is not added, the number will be saved with the country code selected via the flag, which can be selected in the drop-down menu. Basecone will show the 6 most used countries first, the rest of the countries are displayed in alphabetical order.