Two-factor authentication is a popular security feature that adds an extra layer of protection for your account, in addition to your username and password. If an unauthorised third party was to obtain your username and password, they wouldn’t be able to log into your account without having access to your smartphone.
There are many different forms of 2-Factor Authentication, but the most common uses both a password and a code generated through your smartphone. At Checkfront, after entering your account password, you will be required to enter a 6 digit code that is sent to you either as a text message, or generated through the Google Authenticator app. If this is starting to sound a bit complicated, don’t worry. This is an optional feature and can be turned on or off at any time.
Let’s assume you decide to activate and use Two-Factor Authentication in your Checkfront account… here’s what you need to know…
You can see which staff accounts are currently using Two-Factor Authentication at Manage > Accounts in your Checkfront dashboard.
A quick glance at the table will show whether or not Two Factor Authentication is active, on a per account basis.
Staff members must each activate/revoke Two-Factor Authentication on their own individual accounts. To activate the feature on your own account, click on your account link from the top navigation bar and select Profile from the drop-down menu.
Scroll down to the bottom of the page and you’ll see a link to Setup your Two-Factor Authentication. Click on this link to begin the process.
After clicking on the link, a pop-up window will appear with instructions on how to proceed.
In order to complete the setup, you must enter a 6 digit code and click submit. There are two ways in which you can receive that code on your smartphone. The first way is by downloading the Google Authenticator app.
Visit the app store for the platform on which your smartphone is based and do a search for Google Authenticator. When you’ve located the (free) app in the store, install it on your phone. Next, launch the app and click on the Begin Setup link at the bottom of the screen. Then, click Scan Barcode.
You will now have activated the barcode scanner within the Google Authenticator app.
Point this at the QR code in the pop-up window on your computer screen.
When the scanner spots the QR code, it will automatically capture the image and convert the information within the code to a 6 digit number, linked to your account. You must then enter this number into the pop-up window on your screen.
You only have a small amount of time to do this before the Google Authenticator app generates a new code. You can see a little pie chart countdown timer by the 6 digit number to see how much time you have left.
After clicking submit, the pop-up window will disappear and you should see a green confirmation message at the top left of the screen (see image below) that Two-Factor Authentication has been successfully setup on your profile.
The other option for obtaining a 6 digit code is to send your phone a text message from within the pop-up window in your Checkfront account. Before proceeding, make sure your mobile phone number is entered into your profile.
Then, click on the Text code to… button (1).
When the text message arrives on your phone (2), enter the 6 digit code into the pop-up window on your computer (3) and click submit.
Once you have completed these steps, you don’t need to do anything else. Two-Factor Authentication is now active on your account. Next time you login, you will be required to enter your username and password as normal. However, there will now be an additional step added which requires you to enter a new 6 digit code.
If you have used the Google Authenticator app to setup the service, all you need to do is open the app on your phone and enter the code displayed on the screen. This is similar to the step taken during configuration, only, this time, you don’t need to scan the QR code. Enter the code as you did before and you should be granted access to your account.
If you used a text message to setup authentication, repeat the steps each time you login to your account.
You can view the active devices that are linked to your account by clicking on the link that has now appeared on your account profile page.
You can select any of the active devices and delete as per your requirements.
You can revoke Two-Factor Authentication at any time by logging into your account, visiting your profile and unchecking the Two-Factor Authentication Active field. Don’t forget to save after unchecking the box!