Two-factor authentication
Two-factor authentication (2FA) requires an additional confirmation of the identity while logging in apart from providing a password. In Synerise, users have the following options to confirm their identity:
- an authenticator app on the user’s smartphone
- email with code - Synerise sends an email with a security code to the user
You can enable 2FA for a workspace which in turn enforces it to all users who have access to this workspace. However, users may enable it individually for their accounts even if 2FA is disabled for a workspace.
Prerequisites
You must be granted access to the Settings module and permissions that allow performing actions there.
Enforcing 2FA for a workspace
After 2FA is enforced for a workspace, users won’t be able to access it unless they configure 2FA for their accounts. Logging on with Security Assertion Markup Language (SAML) is treated as a successful 2FA login.
- Go to Settings > Access Control.
- In the Two-factor authentication section, to enforce this type of authentication, click Enable.
Result: 2FA is enforced for the workspace. The users who have access to this workspace must enable 2FA configuration for their accounts.
Disabling 2FA requirement for a workspace
- Go to Settings > Access Control.
- In the Two-factor authentication section, to switch off this type of authentication, click Disable.
After you disable the 2FA requirement, 2FA remains enabled for users who already configured it.
Enabling 2FA for a single user
To define the individual configuration of 2FA for user’s account, see “Account Security”.