How to Set Up Two-factor Authentication

Overview

Two-factor authentication works as an extra layer of security for your data in addition to your user name and password. With two-factor authentication, you need to enter a verification code in addition to your password when you log in to simPRO. This secure login process reconfirms your identity and prevents unauthorised access to your account.

To use this simPRO security feature, download Google Authenticator on your Android or iOS mobile device from Google Play and App Store respectively.

In order to view content or perform actions referred to in this article you need to have the appropriate permissions enabled in your security group. Go to System A screenshot of a schedule icon with a grey calendar icon and an arrow. > Setup > Security Groups and access your security group to update your permissions. The relevant security group tab and specific permissions for this article can be found here:

Two-Factor Authentication

You need to have the applicable security group permissions enabled to access two-factor authentication settings in simPRO.

  1. Go to System A screenshot of a schedule icon with a grey calendar icon and an arrow. > Setup > System Setup > Security Groups.
  2. Click the required security group from the list.
  3. Go to the Setup tab and click System.
  4. Select the Two-Factor Authentication check box.

With the security permissions enabled, you can activate two-factor authentication for all users in your simPRO build.

  1. Go to System A screenshot of a schedule icon with a grey calendar icon and an arrow. > Setup > Two-Factor Auth.
  2. Toggle ON to enable Two-factor Authentication.

When you set up the Two-factor Authentication, you are prompted to complete an onboarding process on your next login. Before you get started, download and install Google Authenticator on your iOS or Android mobile device.

You can set up the option to trust the device you are logging in from when using two-factor authentication. This option helps remember a device for 30 days and allows you to use two-factor authentication without having to constantly verify your login attempt.

To set up Google Authenticator with QR code, you need Android version 2.3.3 or later / iOS 7.0 or later.

Enter your simPRO user credentials and follow the steps below:

  1. Click Get Started.
  2. You are then presented with a QR code in simPRO to scan with your Google Authenticator app. Scan the QR code with your mobile device.
    • If your mobile device does not have a camera, click Manual Entry with Provided Key below the code and enter the key into the app manually.
    • Make sure you toggle on Time-based when you enter the key manually.
  3. When the Google Authenticator app displays a 6-digit authentication code, enter it in the field provided and click Next.
    • Select Trust this device to only be prompted every 30 days to complete the authentication, provided you are logging in from the same device with the same browser.
  4. Select your three security questions and enter corresponding answers, then click Next.
  5. The setup process for the Two-factor Authentication is now complete. Click Go to Dashboard.

On your next login after the Two-factor Authentication setup is complete, you need to enter the 6-digit Authentication Code generated by the Google Authenticator app in simPRO. Alternatively, click I don't have my device with me to answer the security questions that you configured during the setup.

To reset the two-factor authentication settings in simPRO, hover over your name and click Change Password > Reset Authentication. Enter the 6-digit Authentication Code generated by the Google Authenticator app to continue with the reset process.

If you disable the Two-factor Authentication in System Setup and later re-enable it again, users are prompted to set up their security code and questions again.

If you are unable to login to simPRO using the two-factor authentication process, your simPRO admin can reset your login using the settings in your employee card.

  1. Go to People A screenshot of a schedule icon with a grey calendar icon and an arrow. > Employees.
  2. Access the required employee card.
  3. In the Profile tab, click Settings.
  4. Click Reset Authentication.

The employee can then redo the two-factor authentication onboarding process.

To protect your simPRO build from users logging into a company without two-factor authentication and then navigating to companies with two-factor authentication, there are a few specific rules for this feature in multi-company builds.

  • Two-factor authentication is included under Shared Setup. If you have two-factor authentication active and a Shared Setup, all users across all multi-company builds are required to use two-factor authentication.
  • If users have access to a company that uses the secure two-factor authentication login and also other companies that do not have the two-factor authentication login configured, they are still required to used the two-factor authentication verification when they login, regardless of which company they are logging in.