Provet Cloud offers two-factor authentication (2FA) features to increase the security of user accounts. When the feature is enabled, users have to periodically authenticate themselves in two steps:
- The user logs in successfully with their personal password
- The user is prompted for an additional 6-digit code
  - If they have a phone number listed on their profile, they will receive an SMS with the code and will have to input it to proceed
  - If they don't have a phone number listed on their profile, they are prompted for the number, after which they will receive the SMS and will have to input the code as above
- If the code input is correct, the user is logged in normally. Successful two-factor authentication will time out after 30 days, after which the user has to repeat the process on login.
Enabling and disabling the feature
This feature is generally available for all Provet Cloud users. Note that if a custom authentication method like SAML2 or LDAP is in use, the two-factor authentication feature will not be available.
To enable it, go to Settings > Users > Password settings and enable the option "Enable two-factor authentication".
You can also disable the feature by turning off the "Enable two-factor authentication" setting, but this is not recommended because of the security benefit the feature adds.
Option to disable for specific users
If you want to disable the feature for a specific user for some reason, you can do it by enabling the "Disable two-factor authentication" option when editing their account.