Two-factor Authentication (2FA)

Two-factor authentication (2FA), also known as two-step verification or dual-factor authentication, is a security process that requires users to provide two distinct authentication factors to confirm their identity.

In our implementation of 2FA, users must provide two specific authentication factors when they sign in: their email/password combination and a one-time 2FA code generated by their chosen authentication method.

Supported Authentication Methods

Our system supports two authentication methods:

Authenticator App
Text Message

Administrator Control

Administrators can enable either both authentication methods or select just one based on their preferences and security requirements. 2FA can be set as optional or mandatory for all users.

How to enable 2FA

Navigate to RapIDadmin > Administration > Settings to view the 2 Step Verification settings.

To access RapIDadmin select the user avatar > Switch Applications > RapIDadmin

Setting	Description

Setting	Description
Enable 2 Step Verification	Purpose: Enable 2FA for all users associated with the Customer and Tenants. User enrollment: Users enable 2FA by selecting the "2 Step Verification" option in their user avatar menu. User Instructions: For step-by-step instructions on logging in using 2FA, visit Login using 2FA
Make 2 Step Verification Mandatory	Purpose: Require 2FA for all users. Enrollment Period: Users have 14 days to enroll in 2FA. Recovery Code: If Self Recovery is disabled, users who don’t enroll within 14 days may require an Administrator to issue a recovery code. Generate a recovery code: For instructions on generating a 2FA reset code, visit Two-factor Authentication (2FA) \| Generate 2 Step Reset Code
Allow Self Recovery	Purpose: Allow users to regain access to their accounts in case they lose access to their enrolled device(s). Learn More: For detailed information on the recovery process, visit Login using 2FA \| Recovery
Authenticator App	Purpose: Enable users to register an Authenticator App for 2FA. How to Enable: Visit Enroll a 2FA device
Text Message	Purpose: Allow users to register for Text Message-based 2FA. How to Enable: Visit Enroll a 2FA device

Enroll a device

For step-by-step instructions on enrolling a 2FA device, visit Enroll a 2FA device.

Troubleshooting

User Troubleshooting: If you’re a user experiencing issues with 2FA, visit Login using 2FA | Troubleshooting for user-specific guidance.
Administrator Troubleshooting: As an administrator, you may need to generate a 2 Step Reset Code for users in the following scenarios:
- When "Make 2 Step Verification Mandatory" is enabled, and the user hasn’t enrolled a device within the 14-day grace period, and "Allow Self Recovery" is disabled.
- If a user has lost access to their 2FA device and "Allow Self Recovery" is disabled.

Generate 2 Step Reset Code

Navigate to RapIDadmin > Users
Select Actions > Generate 2 Step Reset Code
A modal window will display the one time recovery code.
Click Email to User and Close to send an email containing the code to the user, or click Copy and provide the code to the user by other means.