Multi factor authentication

Modifié par Roelof Zwaan le 2023/06/19 09:33

  

Introduction

Recently we have made a first step, in cooperation with Microsoft, in renewing our authentication experience. We are able to provide a more modern and streamlined experience, manage user access to our software better and allow for realtime monitoring and auditing. This means we can act faster and for example more easily revoke access to your account if necessary, helping to protect your information in the event of a security breach.

Modern productivity features can be enabled, such as Single Sign-On, preventing repeating unnecessary authentication prompts. One of the security features that have become available is MFA, which will be the focus point in this manual.

We're excited to provide this enhanced authentication experience to our users, and we hope you'll find it easier and more secure to use our software.

MFA

Multi-factor authentication (MFA) is a security feature that helps protect your account from unauthorized access. With MFA, you'll need to provide two or more forms of identification to access your account, making it much more difficult for someone to gain access to your sensitive information.

The type of MFA we use is called Time-based One-Time Password (TOTP). TOTP is a method of generating a unique six-digit code that you'll need to enter along with your regular password when you log in to your account. This code changes every 30 seconds, so even if someone manages to get hold of your password, they won't be able to access your account without the unique code.

To use TOTP, you'll need to download an authenticator app, such as Google Authenticator, Microsoft Authenticator, or Authy, on your mobile device. When you set up MFA, you'll be prompted to scan a QR code using the authenticator app. This will link your account to the app, and it will begin generating the unique codes you'll need to log in.

Once you have MFA set up, each time you log in to your account, you'll need to enter your regular password, followed by the six-digit code generated by the authenticator app. This provides an extra layer of security, as even if someone has your password, they won't be able to access your account without also having access to your mobile device.

Current authentication experience

Always start by navigating to https://web.terraindex.com/.

The website requires a secure connection (HTTPS) and will not work over an insecure connection (HTTP). Furthermore any communication with our website is encrypted and secured with an SSL-certificate. These security properties are publicly visible and verifiable.

image-20230619092142-1.pngimage-20230619092147-2.png

The landing page is shown below. It could be convenient to make a bookmark at this point.

1681806869104-300.png

Improved authentication experience with MFA

Remember to follow the instructions carefully and provide accurate information to avoid any errors or complications during the login, forgot password, or register process.

Login

Always login by going to https://web.terraindex.com/ first. Do not use the invitation link to login, only use that link to register an account when you do not already have an account.

Login while not having an activated authenticator app yet

1. To access your account, you will need to log in with your email or username and password. Look for the "Go to login" button. Click on it, and you will be taken to a new page where you can enter your email and password.1681811746639-289.png
2. Once you have entered your email and password, click on the "Sign In" button.1681811765003-202.png
3. After entering the correct combination of email and password, you have to pass the second authentication factor. Download and install an authenticator app on your phone. We advise to use the official Microsoft app, but any authenticator app of choice will do. Use the QR code to easily activate your authenticator app, or press "Still having trouble?" to allow manual activation.1681817215583-415.png
4. Open the authenticator app, click on the correct account, and read the verification code.1681816890094-779.png
5. Enter the verification code from you authenticator app, and press "Verify" to continue.1681812068519-175.png
You are now logged in and you can continue as usual. 

Login while having an activated authenticator app

1. To access your account, you will need to log in with your email or username and password. Look for the "Go to login" button. Click on it, and you will be taken to a new page where you can enter your email and password.1681811746639-289.png
2. Once you have entered your email and password, click on the "Sign In" button.1681811765003-202.png
3. After entering the correct combination of email and password, you have to pass the second authentication factor. Open the authenticator app, click on the correct account, and read the verification code.1681816890094-779.png
4. Enter the verification code from you authenticator app, and press "Verify" to continue.1681812068519-175.png
4. You are now logged in and you can continue as usual. 

Register new account

1. If you have been invited by a collegue and you are a new TerraIndex user, you will need to create an account. Click on the link in the invitation email, and you will be taken to a new page where you can enter your personal information, such as your name, email address, and password.1681812547664-261.png
2. On the new page first enter your email and press "Send verification code", after which an email will be send to you with a verification code. Read the email, and enter the code, and press "Verify code". If no email was received, try sending a new email by pressing "Send new code". Email is verified when this is displayed "E-mail address verified. You can now continue.". Fill in all other information on the page, and press "Create".1681812686930-751.png
3. Download and install an authenticator app on your phone, if you do not already have it. We advise to use the official Microsoft app, but any authenticator app of choice will do. Use the QR code to easily activate your authenticator app, or press "Still having trouble?" to allow manual activation.1681817215583-415.png
4. After activating the authenticator app, click on the correct account, and read the verification code.1681816890094-779.png
5. In order to pass the second authentication factor, and you will be asked to enter the verification code from you authenticator app. Press "Verify" to continue.1681812068519-175.png
You are now logged in and can continue as usual. 

Forgot password

1. If you forgot your password, don't worry, you can reset it easily. Look for the "Go to login" button. Click on it, and you will be presented with the login screen which contains a link to the password reset page.1681811746639-289.png
2. Click on "Forgot your password?", and you will be taken to a new page where you are first asked to verify your email.1681811765003-202.png
3. First enter your email and press "Send verification code", after which an email will be send to you with a verification code.1681814393926-200.png
4. Read the email, and enter the code, and press "Verify code". If no email was received, try sending a new email by pressing "Send new code". This step is complete when this is displayed "E-mail address verified. You can now continue.". Press "Continue".1681812686930-751.png
5. Open the authenticator app, click on the correct account, and read the verification code.1681816890094-779.png
6. In order to pass the second authentication factor, and you will be asked to enter the verification code from you authenticator app. Press "Verify" to continue.1681812068519-175.png
7. The password reset page is shown. Please enter a strong password, and press "Continue".1681814696292-706.png
You password has now been updated. You can now continue following the login instructions. 

Lost access to authenticator app.

Contact TerraIndex service and request removal of any activated authenticator apps. After this has happend, you can login and re-activate an authenticator app.

Tags :
 

Navigation

TerraIndex