Two Factor Authentication (2FA) is an optional security feature, that requires users to go through an additional step to authenticate when logging in.
From May 2021, People® will now integrate with Access Identity to provide 2FA.
When 2FA is in use, Access Identity provides multiple security options for users to protect their account:
users can opt in to 2FA and register a trusted device (e.g their phone) to receive a code that can be entered in the second step of their sign-in process, protecting users who may have had their password compromised.
the option to use SMS and the ability to use a broader set of authenticator apps such as Google Authenticator, Authy or FIDO2 to secure and log into your Identity account.
The option to enable SSO and 2FA - this will allow the users to login via SSO and then 2FA.
Access Identity can be setup in 2 different ways:
Forced 2FA i.e. all users from a registered domain must use 2FA to login.
User Opt In i.e. 2FA is enabled at site level, but it is up to individual users to chose to authenticate using 2FA.
If you are using 2FA in People® prior to May 2021, this is being moved to Access Identity. To maintain 2FA there are some steps that your admin will need to complete to ensure a smooth transition and continue use.
Some useful links: