Dual Factor Authentication (DFA) adds a layer of security to login activities by requiring the user to add another piece of information on top of the usual username/password combination. In the Yottaa portal, that extra piece of information is obtained via an SMS message or the Google Authenticator mobile app.
How do I opt in to use Dual Factor Authentication?
You can opt in to use Dual Factor Authentication by going to your user profile page and checking the Enable Dual Factor Authentication when logging in option.
The next time you login after you select this option, you will be presented with a Dual Factor Authentication setup screen:
How do I setup Dual Factor Authentication with SMS?
You can receive Dual Factor Authentication codes on your phone as an SMS message. Selecting Receive codes via SMS in the screen above will take you to the SMS configuration screen. The screen will validate that you have valid phone number and allow you to send an authentication code to your phone. When you receive the code, enter it to the Authentication Code field and login.
How do I setup Dual Factor Authentication with Google Authenticator?
You can use the Google Authenticator mobile app to generate authentication codes. If you select that option, install that app on your mobile phone and in the app select to add an account by scanning a barcode. Scan the barcode presented on the Google Authenticator setup screen. This will create a Yottaa account for you and generate an authentication code that refreshes every 30 seconds. Enter the code to the input field and login.
How frequently do I need to enter an authentication code when I login to Yottaa?
Authentication codes are good for 30 days for each computer/browser combination you are logging in from. For example if you are logging to Yottaa from your work and home computer, or two different browsers on your work computer, each of them will require to renew the authentication code every 30 days. If you clear cookies in your browser, you will be required to authenticate on your next login.
How do I require all users in my organization to use Dual Factor Authentication?
Organization administrators can select to require all users in their organization to use Dual Factor Authentication. In the organization page select to edit the organization and check the box at the bottom of the screen.
A user in my organization lost a phone. How do I enable him/her to log in?
When users lose their phone, there are two steps that they will need help with in order to log in to Yottaa and start using their new phone:
- If the users’ authentication code expires while they are without a phone, Yottaa Support can provide them with a temporary authentication code good for 30 days.
- When users get their new phone, they will need to configure it according to the steps described above. Yottaa Support can reset their DFA settings, enabling them to configure DFA with their new phone the next time they login to the Yottaa portal.
Call Yottaa Support to provide you with the required assistance for these steps.