Two-Factor Authentication
Two-factor authentication provides a higher level of security for the Access Commander user account. To log in, the user enters the login data and has to confirm the login using an authentication application. Once the administrator turns on two-factor authentication, the user will be prompted to interconnect the user account with an authentication application of their own in the next login.
Access Commander does not require that you re-verify your identity whenever you log in or perform protected actions. Once you complete the authentication, the system remembers you for a limited time:
7 days for normal logins
5 minutes for actions considered security critical, such as changing API keys, updating your own password or modifying the root password.
The system can remember up to two authenticated devices. If you authenticate from a new device, the oldest remembered device is removed. If you try to perform a security-critical action outside the allowed time window, the system will simply ask you to authenticate again before you can proceed.
The administrator sets two-factor authentication in .
The administrator can choose which users will be requested to use two-factor authentication.
Two-factor authentication request optionsOptional
Two-factor authentication is voluntary. Users can enable two-factor authentication in their profiles.
Mandatory for user with a role
Every user that has been assigned a role has to verify the login using an authentication application.
Mandatory
All users must verify their logins using an authentication application.
If the administrator sets optional two-factor authentication, you enable two-factor authentication yourself as follows:
Click the user image in the right-hand upper corner to open the user menu.
Use the Authentication Applications tab to link your account to the selected authentication application. Follow the instructions in Access Commander.
Select .