Two-factor authentication in Customer Administration

Last Update 23/8/2024


Introduction

To increase the security of user accounts, you can activate two-factor authentication in the Customer Administration. In addition to the standard login credentials, this feature requires the use of an additional method for account authentication. You can choose between logging in via SMS or using the OTP method – verification with a one-time generated password through a mobile application.

In the Customer Administration, click on your name > Edit Profile > Security, and according to your preferences, choose one of the two options for two-factor authentication. If you decide to change the authentication method, it is necessary to deactivate the original verification method first.

Login Via SMS

The first way is to log in via SMS code. After adding and verifying your phone number, you will receive a verification SMS every time you try to log in to the Customer Administration.

To add your phone number, follow these steps:

1. In the section Login via SMS click on Add Number and confirm it by clicking the Save button.

2. For verification, use the Verify Number button and proceed by clicking the Send Code button.

3. Enter the SMS code into the Customer Administration.

You can modify the phone number using the Change number and Delete number buttons.

Note: If you use a phone number that has been provided and verified by one of the existing Persons associated with the account, there is no need for additional verification of this number. Once you input the number, you can easily activate 2FA by clicking on the Enable authentication button.

OTP Authentication

The second option is the OTP (One-Time-Password) method. This authentication method works by entering a one-time password that you generate in a mobile app (e.g. Google Authenticator or Authy) on your phone. To use this method, you need to connect your device in the Customer Administration.

  1. On the OTP Authentication, click Connect device. If you don’t already have one of the OTP apps installed, download it from the app store on your device.

2. After installing the application, open it and click on the option Add Account or +.

3. In the application, you can choose between scanning the QR code or manually entering the code. Select the option to scan the QR code.

4. In the Customer Administration, click on Display QR Code. Scan the code using the camera on your phone and proceed by clicking the Verify button.

5. The application will automatically generate a time-limited one-time code. Enter this code to activate OTP authentication.

Screenshot of Customer Administration: entering the verification code to complete the registration.
Completing the registration of a new device for 2FA using OTP.
Screenshot of Customer Administration: Completing the OTP authentication setup, a backup code is generated for emergency login.
Confirming 2FA setup using OTP. Do not forget to save the generated backup code.
Important: Important: After completing the OTP setup, a backup code (key) will also be displayed. Save this code in a secure place in case you lose the device with the OTP application. This way, you will not lose access to the Customer Administration.

Keep the OTP app installed on your device. Each time you log in to Customer Administration, you will be required to enter an authorization code generated by the app.

You can deactivate OTP verification at any time in your account: username > Edit profile > Security. On the OTP Authentication tab, click the Disable verification button.

If You Lose Your OTP Device

Important: OTP verification can only be reset if you saved the backup code (key) during the activation of this verification, typically in a format such as: YCEBCVGFKHSQ2CLVDSTWGN6ENEKY5N4D. If you do not have this code and have lost access to the device with the OTP application, please contact us at support@master.cz.
  1. Install one of the OTP applications on a new device.
  2. After installing the application, open it and click on the option Add Account or +.
  3. Instead of scanning a QR code, choose the option to Enter code manually.
  4. In the Key / Secret Key field, enter the backup code you saved when you activated two-factor authentication using OTP.
  5. Confirm the pairing by clicking the Finish button.
  6. Now log in to the Customer Administration as usual and verify the login with the newly generated password in the OTP application.

Any suggestions for improving the tutorial?

Let us know by sending a message