Two-Factor Authentication (Optional Feature)

Follow

  Overview

RecDesk offers Two-Factor Authentication (TFA) as an optional feature on RecDesk Director. This feature is also known as 2FA, and allows directors in your organization to add a second level of security when RecDesk Director (Administrative) users log in. In this article, you will learn about both our Required and Optional TFA settings. If you'd like to enable TFA on your RecDesk Director site, please contact your RecDesk Customer Success Manager or email support@recdesk.com and tell us which TFA option you'd like (Required or Optional).

  Before You Start

In order to use the TFA feature on RecDesk, users must install an Authenticator App on his/her phone. If your TFA is set up as Required, all users must install an Authenticator App; if your TFA option is set up as Optional, only users who have TFA enabled will need an Authenticator App. Here are some Authenticator Apps we recommend:

Android: Google Authenticator, Microsoft Authenticator

iPhone: Google Authenticator

TFA Options:

  • Required Two-Factor Authentication - Once activated, this option will require every RecDesk Director user to use TFA
  • Optional Two-Factor Authentication - Once activated, only RecDesk Director users with a role of Director will be able to activate/deactivate TFA on a per user basis

Managing TFA (Users with Director Role Only):

  1. Click on the Admin tab;
  2. Click on a User's Name;
  3. You will see two settings:
    • Two-Factor Authentication Enabled: (Yes/No) - this will always be Yes for the Required TFA option and will be Yes for all users who have TFA individually enabled for Optional TFA set-ups.
    • Two-Factor Authentication Configured: (Yes/No) - this setting will be Yes after that user has logged in for the first time after TFA has been enabled, and has followed the steps below under First Time User Log Ins with TFA.
  4. For Optional TFA configurations, you will see: 
    • Enable OR Disable TFA - this allows a director to Activate TFA (if not already activated) or Deactivate TFA (if activated already) for that user and is not available when TFA is Required. 
  5. For both Optional and Required TFA configurations, once a user has configured their TFA, you will see a Reset TFA button. Resetting TFA will invalidate any existing TFA device pairings and should only be used if a device is lost or inaccessible. Once TFA has been reset, the user must delete the RecDesk Director PIN from their Authenticator App, and then follow First Time User Log Ins steps below. Reset TFA should also be used when the RecDesk Director PIN in the Authenticator App gets accidentally deleted.

First Time User Log Ins Once TFA is Activated

  1. Install an Authenticator App (see info under Before You Start above);
  2. Close your web browser and open it back up;
  3. Navigate to your RecDesk Director Login page and Log In to RecDesk Director as you normally would;
  4. You will see a QR code pop up like the following:
  5. Scan the QR code on your phone and follow the link that pops up. This will open your Authenticator App and display a PIN for RecDesk Director.
  6. Enter the PIN from your Authenticator App on your phone under Authenticator PIN on the RecDesk page.

Log Ins After TFA Has Been Initially Configured

  1. Navigate to your RecDesk Director Login page and Log In to RecDesk Director as you normally would;
  2. When prompted for your Authenticator PIN, go to your Authenticator app to view the PIN, and type it on the RecDesk page under Authenticator PIN.                                 

  Tips:

Troubleshooting - What should I do if:

  • I delete the RecDesk PIN from the Authenticator App - Contact someone in your organization who has a Director role in RecDesk, and ask them to Reset TFA.
  • My PIN doesn't work - Close your web browser and try again.
0 out of 0 found this helpful