Before starting
Two-step validation is a procedure for enhancing the security of your platform's accounts. It requires users to enter a validation code in addition to their username and password when logging in.
Principle of dual authentication
This procedure is a good way to protect your account against unauthorized access, should a third party manage to steal your password. It consists of a 2-stage connection:
- The user enters his/her login and password
- It enters an identifier generated automatically by a third-party application.
Even if a malicious person succeeds in decrypting, guessing, or stealing a password, he or she cannot log in without additional validation information. These come in the form of codes that only the user can obtain via his or her cell phone.
Configuration requise
To enable dual authentication, you'll need a smartphone on which you've downloaded an app capable of handling this system.
If you don't have one, you can download one of the two applications below:
- Authy
- Google Authenticator
These applications generate codes that reinforce the security of your account. These codes, or "tokens", are generated every 30 seconds and can be consulted from your application.
Once the procedure has been activated, you will be asked for a "token" each time you connect from a device/computer that is not recognized as "trusted" (that you don't usually use).
Enable dual authentication
Procedure to follow
Double authentication is activated directly on your account's Profile page. To access it, click on My Account> Profile > Update profile.
Once you are on the Edit Profile page, follow these steps:
- Go to your profile edit page.
- Open the Enhanced Security section.
- Scan the QR Code displayed using the third-party application on your Smartphone.
- Once you've scanned the QR Code, enter your phone number.
- Enter the code generated by the third-party application in the software and click on Activate.
Register trusted IPs
Once dual authentication is enabled, you can register trusted IPs. This means you won't be asked for double authentication when connecting via this IP address.
To register a trusted IP, enter the IP address you want, and save the changes you've made on the page.
For example, your Internet box is linked to a specific IP address. By registering this IP as a trusted address, double authentication will not be requested from this Internet point. However, if you connect from another Wi-Fi terminal, double authentication will be required.
Comments
0 comments
Article is closed for comments.