Image 1. Two-step verification to access Jotelulu
How to activate two-step verification to access the administration panel?
Before you begin:
To successfully complete this tutorial and enable two-step verification, you will need:
- To be registered on the platform, have signed in and have a username to work with.
- A smartphone and to have downloaded the Google Authenticator app or Microsoft Authenticator.
- If you wish to enable two-step verification for the user portal, you will need to have previously added a service that requires the use of the portal (e.g. Remote Desktop or Cloud File Storage).
Step 1. Go to the profile settings on the platform
Starting from the initial dashboard, go to the Organisation section (1) using the top menu.
Step 1. Go to the Organisation section to enable two-step verification
In the Organisation section, click on the User subsection (2) located in the menu on the left.
Step 1. Go to the User subsection to enable two-step verification
Select a user, click on the three dots on the right-hand side of the table and click on “Edit” (3).
Step 1. Select the user that you want to enable two-step verification for
Step 2. Activate two-step verification on the platform
Next, go straight to the Profile subsection, where you will find the user’s name, role and telephone number. If you scroll down a little, you will also see options to manage their password and two-step verification. Tick the checkbox for two-step verification (4) for the Administration Panel and click “Save” (5). Although not shown in the image below, it is also possible to activate two-step verification for the user portal (the checkbox below).
Note: the fields “Generate new key” and “Generate new single-use codes” shown in the image below will not appear if it is the first time that two-step verification is activated. See points 10 and 11 below.
Step 2. Activate two-step verification for the selected user
Step 2. Wait for the platform to confirm that changes have been applied successfully (two-step verification enabled)
Step 3. Registering and configuring the mobile app
The next time that the user accesses the platform (sign in), they will need to have their smartphone to hand with the Google Authenticator app open, or “Microsoft Authenticator” in case of having chosen this other option. When they attempt to sign in, a message will appear displaying various codes:
Step 3. Read the message that appears when signing into the platform
The message will display two types of code, either of which can be used to register/configure the mobile app:
- Alphanumeric password (6.1). Register this key in the Google Authenticator app or in Microsoft Authenticator.
- QR Code (6.2). Take a capture of the QR code using the Google Authenticator app or in Microsoft Authenticator.
Step 3. Choose one of the two codes to configure the Authenticator app
Step 3. Consult the Authenticator app for the code to access the platform
Step 3. Remember that you also have codes for moments when you cannot consult the Authenticator app
Step 3. Once two-step verification has been activated, the user profile will have new fields enabled to generate new codes
Summary
Critical services often if not always need additional security measures, and two-step verification is a way of increasing security when providing access to services and processes. If you would like more information about the levels of security at Jotelulu, please take a look at the section entitled: Infrastructure and Security.