The purpose of this functionality is to:
Allow Investment Café Investor Portal users to have a more secure login by requiring the user to login using 2 identifiers, something they know, and something they have. Something you know would be your password and something you have would be a cellphone or your desktop machine for example.
The user will be able to use MFA via a mobile device or desktop. This document outlines the steps to install and use the tool using either method.
2. Installation for Mobile Devices
When installing on mobile devices make sure you have passwords to your play store or iTunes account available if applicable. You will need it to install either application.
2.1 Google Authenticator
To install Google Authenticator, you need to locate the application in your app store.
Search for Google Authenticator in the search bar and select it from the drop down.
Click Install to install the application on your phone.
Click Open to begin the setup process.
On the next screen you will see a button, click Begin/Begin Setup. You will then be prompted to Add an account. You can do this by scanning a barcode or entering a code.
2.2 Twilio Authy 2-Factor Authentication
To install Authy 2-Factor Authentication (Authy), you need to locate the application in your app store.
Search for Authy 2-Factor Authentication in the search bar and select it from the drop down.
Click Install to install the application on your phone.
Click Open to begin the setup process.
The next screen is the Account Setup screen. You will be prompted to enter your cell phone number.
Enter the phone number, then your email address.
A popup appears to select how you would like to verify your account. Select Phone Call or SMS. Once you make your selection, you will receive your registration code via that method.
Click the plus sign to add your account. You will be asked for a password.
Enter the password sent to you after the numeric code.
3.1 Authy 2-Factor Authentication
To install Authy 2-Factor Authentication (Authy)on your desktop, go to https://authy.com/download/.
1.Once on the Authy site, under Desktop, select the operating system you are currently using, then click Download.
2. The exe. file is ready. Click Run.
3.The following screen will appear. Enter your phone number and click Next.
4. Get Verification Code via one of the following methods: Existing Device, SMS or Phone Call.
5. Enter the code received.
6. When user is ready to complete the MFA setup, click “+” to add your first account.
7. Enter Code provided by the website. (The code that needs to be entered below will be provided when logging in to the site and the user follows the verification process.) Then click “Add Account”.
*Note: If user has multiple logins for one database, they will need to add an account for each user. Same applies if a user has access to multiple databases.
8. On the next screen you are prompted to enter your Account Name and Logo. Enter the Account Name (Database Name) and select an Icon. Any of the Generic colors is good.
9. Token length should be on 6-digit. Then click the Save button.
10. The next screen will display a 6-digit code to enter when completing the Verification process outlined under “Logging in to Site”. (The code changes every 30 seconds.)
*Note: If setup is not completed on the first visit, when the tool is reopened, it will pick up where the user left off. If user defers for any reason, they can continue the process on the next visit.
Once the system has been setup and users have installed one of the authentication tools, users are now ready to login to the site using MFA. For users who have no MFA Enrollment Due Date entered or the Due Date has expired, they will proceed as follows.
1. Upon initial login, users will receive a Security Verification dialog box. Click, Get Started Now, to proceed to the next step.
2. The next screen in the Verification process will walk the user how to install recommended apps, if they have not already done that step. It will also provide an image they can scan using their mobile device or a long code if using their desktop. Once they enter the code into the authenticator app, a 6-digit code will be available for the user to login to the site
3. Click on “I have a six-digit code”. The following box will pop up. Enter the code provided without spaces and click “Verify”.
4. Authentication is complete and the user is logged in. (*Exception, if user’s password expires, they will be prompted to change it, then they will be logged in.)
For users who have a MFA Enrollment Due Date entered, they will proceed as follows.
1.Upon initial login, users will receive a Security Verification dialog box. The user will have the option to click, “Get Started Now” to setup MFA Authentication or defer by clicking “Remind Me Later”.
2. Clicking on “Remind Me Later” will login the user as normal. If the contact’s password has expired, they will be prompted to change it upon login.