Two-step Verification for IPS Community Suite

[IBResource]

Two-step Verification for IPS Community Suite

Two-step Verification app ads an extra layer of protection for user accounts at your IPS Community Suite  4.1. This method of user authentication is used by all major websites like Google, Facebook, Twitter, Microsoft and many other websites.

This method adds a second factor of user authentication, and allows users to access their accounts only if they 1) know their password, and 2) are able to provide a one-time password which is generated every 30 seconds by the Google Authenticator app. (Click for Android or iOS).

So how this method works for IPS Community Suite?

After installing the product, you can choose which groups are allowed to use this application. It has two settings per group, one for the front-end and one for the ACP.

Users who have either of the settings enabled will see a red shield logo in the top user navigation bar. It draws their attention and invites them to check the application.

Also they will have a link in the user drop-down menu that shows whether the protection is enabled or not.

These two additional links lead to the following page:

User can use Google Authenticator to scan the bar and then type the one-time password generated by GA to enable this protection for their accounts. User who successfully enable the protection will see this screen:

If desired, users can type the one-time password generated by GA to disable the protection.

The user drop-down menu will show the new protection state

From now on, after every successful login into the IPS Community Suite, the user will be faced with this form in the front-end, the form can't be avoided or averted, a one-time password is strictly required.

Or with this form in ACP

Uses can choose to trust the device for 30 days, during which they will not be asked to enter the one-time password again. Users can trust the device for the front-end or ACP separately. That means if you choose to trust the device on the front-end, you will be still asked to enter the OTP when you log into the ACP.

Finally, if a user for some reason loses their phone, they can reach to you to reset their 2-Step Verification credentials. You can do it in ACP in one click

You can also choose to force all admins to enable 2-Step Verification through settings.

If enabled, admins will see this error and they can't do anything in ACP:

We hope this application will add more security to your website. We recommend that you keep your server up-to-date with software and security fixes. Also make sure to install an SSL certificate, it's easy and free these days.

Перейти на сайт Invision Power