Enhanced Login Security
Basic login requires that the user enters a User name and a Password. The user may feel that this level of security is simple, convenient and sufficient.
Where the user (or organisation) feels it is necessary to protect the account with an additional layer of security, enhanced login security can be applied. This will require the user to have an authenticator app installed on a mobile phone or tablet that supports Time Based One-Time pass-codes(TOTP). That device will have to be accessible each time the user logs-in.
Once a suitable authenticator app has been installed, turning on the Enhanced Login Security feature will present a screen that includes a QR code. Use the device camera to scan the code, the app. will create an account for the login and provide a pass-code.
Enter the pass-code and click OK so the system can confirm that everything is configured properly and enable your enhanced security.
Removing Enhanced Login Security
At its simplest removing Enhanced Login Security requires the User to navigate to their User Profile, click LOGIN SECURITY button and toggle the switch off. The device and app. being used to generate login pass-codes is de-registered and a pass-code will no longer be requested. The user my choose to delete the account on the app. by following the apps instructions.
However, in many circumstances it will not necessarily be that easy,this is about additional security after all, some examples:
- If the Organisation mandates all users use enhanced login security then attempting to remove for a particular user will not be allowed.
- If the organisation does Not mandate enhanced login security But that user has access to other live organisations again removal will not be allowed. The user themselves can remove enhanced login security via their User Profile, as long as the other organisation do not require it.
- If the organisation does Not mandate enhanced login security and that user has no other access to other live organisations the enhanced login security is removed.
- The user looses their device or has a new one, someone else with access to the same organisation will need to login (as themselves), navigate to Manage Users and Deregister (TOTP). Then with a new device the user, when logging in next, will see the QR code again to register that device.