This document would define the guidelines to enable the Two-Factor Authentication and provide Wi5stars with a higher security level.
The rise in cybercrime requires stronger and tighter security systems. Sometimes it’s simple human error that has left the passwords exposed, “Stolen, reused, and weak passwords remain a leading cause of security breaches.” Olofsen Security Consultancy.
Two-Factor Authentication, also known as 2FA, is an extra layer of protection for your HSNM platform to ensure that you, and only you, can access your account.
Two-factor authentication means that you’ll need two forms of identification to log into your HSNM portal. Instead of only entering your username and password to sign in, you’ll also need to enter a unique passcode sent by text message or email.
Two-factor authentication adds an extra step to your HSNM login process, but the security benefits make it worthwhile.
When accessing the backend, you can now enable two-factor authentication. You can activate it at reseller and manager level. You decide whether you receive the security codes via SMS, or email or to use an authenticator app such as Authy, Google Authenticator or Microsoft Authenticator. The user, when logging in, can decide whether to activate it, activate it later, postpone the activation for 30 days or disable it (thanks to a security code sent by email).
Wi5stars must be updated to version 9.3.75 or greater.
Edit the System User at reseller or manager level in which to enable the 2FA by clicking on the dropdown menu
Click on the Two-Factor Authentication menu and define whether the user has enabled the 2FA and the method to use.
To enable sending security codes via SMS, configure an SMS gateway as described in the How-to Guide > Configure the platform to send SMS messages
To enable sending security codes via email, configure an SMTP as described in the How-to Guide > Configure the platform to send automated emailsThis security system now blocks the user for 10 minutes if 5 login attempts are made with the wrong password.
When you log in for the first time with the 2FA enabled, enter your mobile phone number and your email address.
Confirm the data, and you will receive an email with the deactivation code you can use subsequently for disabling the two-factor authentication.
To disable the two-factor authentication, click on Disable two-factor authentication button and enter the 24-character string sent via email, as described in Step 4.
If all the two-factor authentication methods are disabled. In that case, users who have already chosen to enable two-factor authentication will no longer be prompted to enter the security code. Instead, the data of all “known” devices will be reset to zero. If they are subsequently reactivated, users must re-enter the security code using the method, if reactivated, previously chosen.