Login Security

 

boberdoo’s login security feature requires two-factor authentication for any admin, partner or vendor that logs into your system.

What Is Two-Factor Authentication?

Two-factor authentication is a system access security feature that requires the user to verify their identity at two separate touch points.

  1. Enter the correct username/password
  2. Enter the 2FA verification code

Once both steps are completed, the user can log into the system.

How to Enable 2FA in Your Lead System

Log in to your lead system with an admin, partner, or vendor account.

From your Lead System home page, navigate to Settings > 2FA Settings.

You will see two options for 2FA: Google Authenticator and Email. Using an authenticator app is considered to be more secure than other methods of authentication. boberdoo recommends setting up both methods so you have a backup in the event that your authenticator device is unavailable.

First, we will set up 2FA with Google Authenticator. You will need to install the Google Authenticator app on your phone or another mobile device. The app is available for free for iPhone and Android devices in their respective app stores. Download the app before proceeding to the next steps. Note: We suggest using Google Authenticator; however, other authenticator apps such as Microsoft Authenticator are compatible with boberdoo 2FA as well.

Click Setup to proceed.

A QR code will be displayed. Open the authenticator app on your phone.  Click the add icon in the app and scan the QR code with your device’s camera.


A six-digit authentication code will be displayed in your app.  Enter the code in the First Authentication Code field. Keep the app open and wait for the code to change (the code changes every 30 seconds).  Enter the next code in the Second Authentication Code field.  Click Setup Google 2FA.


Google Authenticator setup is now complete. 
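
The two-code check in the setup step above can be pictured with standard TOTP (RFC 6238), the scheme Google Authenticator and compatible apps compute. This is an added example, not boberdoo's code: it assumes HMAC-SHA1, six digits and a 30-second step, the names verify_enrollment and drift_steps are hypothetical, and the secret is the public RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, as stated on this page

# Constructed sample: the RFC 6238 test key "12345678901234567890" in base32.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32: str, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226) over a time-step counter, i.e. TOTP with HMAC-SHA1."""
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    key = base64.b32decode(padded)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_enrollment(secret_b32, first, second, now, drift_steps=1):
    """Accept setup only if `first` and `second` are the codes for two
    consecutive 30-second steps ending near `now` (Unix seconds).

    Returns the time step of the first code, or None if no pair matches.
    Requiring two consecutive codes shows the app holds the scanned secret
    and that its clock is close to the server's, which a single guessed
    or replayed code does not.
    """
    current = int(now) // STEP
    # The first code was read one step before the second one.
    for step in range(current - 1 - drift_steps, current + drift_steps):
        ok_first = hmac.compare_digest(totp(secret_b32, step), first)
        ok_second = hmac.compare_digest(totp(secret_b32, step + 1), second)
        if ok_first & ok_second:  # constant-time compares, no short-circuit
            return step
    return None


if __name__ == "__main__":
    now = 1111111115  # constructed timestamp inside an RFC 6238 test window
    step = now // STEP
    a, b = totp(SAMPLE_SECRET, step - 1), totp(SAMPLE_SECRET, step)
    print("codes:", a, b, "->", verify_enrollment(SAMPLE_SECRET, a, b, now))
    print("same code twice ->", verify_enrollment(SAMPLE_SECRET, a, a, now, 0))
```
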

Next time you log into your Lead System, you will be prompted to enter the 2FA code from your app.  Once authenticated in this way, you will only need to enter the 2nd-factor code every 30 days or whenever you sign in from a new browser or device.

Next, we will configure 2FA for email. Click Setup to begin.

A verification link will be sent to the email address associated with your Lead System account.  If you did not receive the verification email, check your spam folder or click Re-Send Email to try again.

Check your inbox for the verification link.  


Click the verification link to complete the setup.

Now that you have configured both 2FA options, you may log in to your account with either method.

Navigate to your Lead System login page and enter your username and password as you normally would.

You will be prompted to select an authentication method - either Email or Authenticator App.  

In this case, we will choose Email from the dropdown menu. Click Send Confirmation Code.


Check your email for the code and enter it here.  Click Login to proceed.


Upon successful authentication, you will be directed to your Lead System home page.

Remember that the authenticator app is the quickest and most secure way to retrieve your 2FA code. Email should only be used if your mobile device is unavailable (lost, stolen, dead battery, etc.). If you use email for 2FA, do not use the same password for your Lead System that you use for email, and enable 2FA on your email account if you don’t have it already.

If you ever need to reset a 2FA method for use with a new device or email address, return to Settings > 2FA Settings and select Disable on the method you want to change. Never disable both methods at the same time. If you do, you may be locked out of your Lead System and will need to have an administrator assist you.

The above rules and setup process can also be applied to any of your partners and vendors when they log into the system.

How Often Will 2FA Be Required?

If the user has enabled 2FA and used it to log in, they will only be prompted for the code once every 30 days on the same computer and the same browser.

If you'd like to test, you can try from a different computer or different browser (e.g. Firefox instead of Chrome, or using Incognito).

Additionally, if the admin user is logged in, you can see how many days are left in that cycle by navigating to Settings > 2FA Settings. Look for the login cache on the right side of the screen to see how many days are left.

You can click the refresh button to reset the countdown. Upon the next login, the user will be prompted to enter a 2FA code.

If you have any questions about two-factor authentication or if you do not see the two-factor authentication rules when editing an admin user, partner or vendor, please contact support.

How can I force my users to enable 2FA?

The Settings > Manage Users page is where you can DISABLE 2FA for different users, but not enable it. 2FA can only be enabled by the individual user, who must log in, go to Settings > 2FA Settings and choose either the app or email as their method of authentication. We can set your system to soft redirect users (they are brought to the 2FA page to enable it but can navigate away) or hard redirect them (they are forced to the 2FA page and cannot navigate away until it is set).

 
