Implementing 2FA will enhance security for merchants accessing the console, requiring an additional verification step to mitigate the risk of unauthorized access, even if passwords are compromised.
Below are the steps to enable 2FA on Console.
Navigate to Setting → General → Company
- A toggle in company settings to enable or disable 2FA
- A warning message will be displayed when enabling 2FA, indicating that all users must have a valid email or phone number associated with their accounts. The acknowledgement of the message will be logged in the audit log. A message will be displayed on the login page, prompting users to ensure they have a valid email or phone number.
- The email field becomes mandatory for user creation once 2FA is enabled.
-
Console Login Process with 2FA:
- After providing username, password, and company code, if 2FA is enabled, redirect the user to the authentication screen.
- Provide options for verification: Email and SMS.
- Show only the email option if the user doesn't have a mobile number.
- Mask sensitive information: show only the first 4 and last 4 characters of the email address for email verification, and show only the last 4 digits of the mobile number for SMS verification.
- Send verification code via the selected method (Email or SMS).
- Craft email and SMS content to include the verification code.
Articles in this section
- Item Import Field Descriptions
- Overview
- Merchant Onboarding
- Navigation Bar
- Reports
- Items
- Settings
- Dashboard Overview
- Company
- Register
Comments
Please sign in to leave a comment.