Two-factor Authentication (2FA)

Two-factor authentication (2FA), also known as two-step verification or dual-factor authentication, is a security process that requires users to provide two distinct authentication factors to confirm their identity.

In our implementation of 2FA, users must provide two specific authentication factors when they sign in: their email/password combination and a one-time 2FA code generated by their chosen authentication method.

Supported Authentication Methods

Our system supports two authentication methods:

Authenticator App
Text Message

Administrator Control

Administrators can enable either both authentication methods or select just one based on their preferences and security requirements. 2FA can be set as optional or mandatory for all users.

How to enable 2FA

Navigate to RapIDadmin > Administration > Settings to view the 2 Step Verification settings.

To access RapIDadmin select the user avatar > Switch Applications > RapIDadmin

Setting	Description

Setting	Description
Enable 2 Step Verification	Purpose: Enable 2FA for all users associated with the Customer and Tenants. User enrollment: Users enable 2FA by selecting the "2 Step Verification" option in their user avatar menu. User Instructions: For step-by-step instructions on logging in using 2FA, visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2001010735
Make 2 Step Verification Mandatory	Purpose: Require 2FA for all users. Enrollment Period: Users have 14 days to enroll in 2FA. Recovery Code: If Self Recovery is disabled, users who don’t enroll within 14 days may require an Administrator to issue a recovery code. Generate a recovery code: For instructions on generating a 2FA reset code, visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2000453636/Two-factor+Authentication+2FA#Generate-2-Step-Reset-Code
Allow Self Recovery	Purpose: Allow users to regain access to their accounts in case they lose access to their enrolled device(s). Learn More: For detailed information on the recovery process, visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2001010735/Login+using+2FA#Recovery
Authenticator App	Purpose: Enable users to register an Authenticator App for 2FA. How to Enable: Visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2000846869
Text Message	Purpose: Allow users to register for Text Message-based 2FA. How to Enable: Visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2000846869

Enroll a device

For step-by-step instructions on enrolling a 2FA device, visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2000846869.

Troubleshooting

User Troubleshooting: If you’re a user experiencing issues with 2FA, visit https://vds.atlassian.net/wiki/spaces/EliteID/pages/2001010735/Login+using+2FA#Troubleshooting for user-specific guidance.
Administrator Troubleshooting: As an administrator, you may need to generate a 2 Step Reset Code for users in the following scenarios:
- When "Make 2 Step Verification Mandatory" is enabled, and the user hasn’t enrolled a device within the 14-day grace period, and "Allow Self Recovery" is disabled.
- If a user has lost access to their 2FA device and "Allow Self Recovery" is disabled.

Generate 2 Step Reset Code

Navigate to RapIDadmin > Users
Select Actions > Generate 2 Step Reset Code
A modal window will display the one time recovery code.
Click Email to User and Close to send an email containing the code to the user, or click Copy and provide the code to the user by other means.