Table of Contents
Home > FAQ > Admin > Managing User Accounts > Administrator's Guide to 2Auth (Second Factor Authentication)
Administrator's Guide to 2Auth (Second Factor Authentication)
Welcome to the Administrator's guide for 2Auth (Lookafter's Second Factor Authentication Feature). This guide will help you understand and manage 2Auth within your organization, enhancing security for user accounts.
Introduction
2Auth is a security feature that adds an additional layer of protection to user accounts. It requires users to provide a one-time password (OTP), which is sent to their registered email (2Auth Email) during the login process.
2Auth settings are managed at user level (per-user basis). This means that as a voadmin/avomaster, you do not enable or disable SFA for all users collectively. Instead, you have the ability to enable or disable 2Auth for users individually.
You can access a user's 2Auth settings under the “2Auth” section of the user's account settings.
 |
Setting Up 2Auth for User
To enable 2Auth for a user:
1. Go to Profile > Admin > Accounts, and select the user.
2. Tick the “Enable 2Auth” checkbox.
 |
3. Enter the email address where the user will receive the One-Time Password (OTP).
 |
4. Click Update.
 |
Once this is saved, the user will be required to enter an OTP as second factor authentication on their next login.
Editing User's 2Auth Email
To change the user's 2Auth Email for receiving OTP:
1. Go to Profile > Admin > Accounts, and select the user.
2. Change the email address at the “2Auth” section.
 |
3. Click Update to save the setting.
|
Deactivating 2Auth for User
To disable 2Auth for a user:
1. Go to Profile > Admin > Accounts, and select the user.
2. Untick the “Enable 2Auth” checkbox.
 |
3. Click Update.
Questions & Answers (Q&A)
1. What can I do if my user is not able to receive the 2Auth OTP email?
If your user did not receive the 2Auth OTP email in their Inbox, Spam or other folder after more than 10 minutes, you can either:
- Change the user's 2Auth Email to an email address that can receive the OTP email; or
- Temporarily disable 2Auth for the user while ensuring the user's 2Auth Email does not block emails coming from lookafter.com traffic.
2. Can I enforce 2Auth on multiple users?
As 2Auth is applied per-user basis, there is no option to enable the feature for multiple users collectively. 2Auth has to be enabled user-by-user (either by user's initiative, or by the voadmin/avomaster within each user's account setting).
