You’re probably familiar with two-factor authentication if you use services like Google Suite, Apple iCloud, or Xero. It’s sometimes called Two-Factor Authentication/Verification or 2FA for short.
An OTP, or One-Time Password, is a code generated within an authenticator app that is used as part of the 2FA process. It serves as a second step in verifying a user's identity, ensuring that access is granted only to authorised individuals. The OTP is a six-digit unique code that is time-sensitive, often valid for only 30 seconds, to enhance security.
With 2FA enabled, in addition to supplying your email address and password when logging in, you’ll also need to enter a unique code. This code is generated by an app on your smartphone, proving that it’s you. You’ll need an authentication key each time you log in.
The OTP screen appears during the login process to request a code as part of 2FA, even in cases where a password has recently been reset, ensuring enhanced security for your account. Users also have the flexibility to select an authenticator app that suits their preferences. Popular options like Google Authenticator and Microsoft Authenticator are commonly used, but others are also compatible, allowing each user to choose an app based on individual needs.
Why use Two-Factor Authentication (2FA)?
Two-factor authentication adds a layer of security to your account. Even if your password falls into the wrong hands, a malicious individual will still require the unique code generated by your device to log in.
How to Set Up Two-Factor Authentication (2FA):
Install an Authenticator App: Download Google Authenticator or Microsoft Authenticator to your phone or device. Ensure the app is installed before proceeding to the setup process.
Log into Current RMS: Access the login page and proceed to the set-up verification page.
Scan the QR Code:
Open your authenticator app and select 'Add a new account'.
Use the app’s built-in QR code scanner to scan the code displayed on the setup page.
Verify the OTP:
Your RMS account will appear in the app.
Generate a six-digit OTP code within the authenticator app and enter it in the ‘Two-Factor Code’ field on the RMS page.
Click ‘Verify Code’ to complete the setup. After setting up, the app will generate a new OTP every 30 seconds to ensure codes remain current and secure during login attempts. Use these OTPs for future logins.
Authentication codes expire every 30 seconds. If the timer is close to running out, wait for a new code before entering it.
⚠️Each Account can only be connected to one Authenticator. If you have multiple users using one account, they will need a code from the same Authentication app.
Remember me
When logging in with 2FA, you can set it to 'remember' your log in. When inputting your Email and Password, select the Remember me tickbox.
This will remember your account to up to 30 days. After 30 days have expired, you'll be prompted to enter in a code again to re-authenticate your account.
⚠️ If someone logs into an account and selects Remember me on the computer, then goes to another computer and logs into that device with the same account. This increases the risk of a malicious and social engineered attack.
Setting Up, Managing, and Troubleshooting Two-Factor Authentication (2FA) in Current RMS
Two-factor authentication (2FA) is a critical security feature that protects your Current RMS account by requiring an additional verification step during login. Follow the steps below for setting up 2FA, managing common issues, and exploring additional security features like Single Sign-On (SSO).
Make sure to enter the six-digit authentication code promptly, as these codes expire every 30 seconds. Wait for the app to generate a new code if the timer is near expiration.
Enhancing Security with Single Sign-On (SSO)
Single Sign-On (SSO) is an alternative authentication method available in Current RMS. If you already use Google or Microsoft SSO, you are not required to set up 2FA. Use these steps to enable SSO:
SSO ensures secure access without needing manual two-factor authentication codes.