Two-Factor Authentication (2FA), sometimes called two-step verification, is a security process in which users provide two different authentication factors to verify themselves.
In simpler terms, 2FA significantly enhances security by adding an extra layer of protection against unauthorised access.
Lucidity users on version 17.61.0 or newer can now enable two-factor authentication (2FA) via email.
This means that when a user accesses Lucidity’s web or mobile applications, they will log in using their current username and password, and then they will be asked to enter a verification code that’s been emailed to them. Once they enter the code, provided it’s valid and correct, they’ll be able to access Lucidity.
Users can select the "remember me" option to input this code only once every 14, 30, or 60 days. The duration of this setting can be adjusted in the Access Module by Admins.
A Few Points to Consider Before Enabling 2FA
- Before enabling this feature, you will need to ensure all user accounts have an email associated with them. Otherwise, users will not be able to log in and use Ideagen Lucidity. For more details about adding user email addresses manually, see the Edit People section in our Help Centre. To add email addresses to multiple users at once, you can use the Lucidity Public API, see Update the fields on an existing user using SwaggerHub for more details.
- We also recommend notifying users before enabling 2FA so they know they will need to enter the verification code sent to their email. Communicating the benefits of 2FA ahead of time should reduce frustration from users with this extra layer of security.
Setting up 2FA
For instructions on setting up 2FA please see the Help Centre or reach out to our support team at support@lucidity.io.
Extra Resources
- Email template to notify employees of upcoming change
Here is a simple template to email to employees to notify them if you are employing 2FA. Make sure to edit the italic sections accordingly.
Hi Team
From [date], you will need to access Ideagen Lucidity using 2-factor authentication (2FA).
Action you need to take: When you access Lucidity’s web or mobile applications, you will log in using your username and password, and then you will be asked to enter a verification code that’s been emailed to you. To avoid having to enter a verification code every time, be sure you select the “remember me” option!
You will only need to enter a code every [14,30,60 - whatever duration you have enforced] days.
Why are we doing this? 2FA significantly enhances our data security by adding an extra layer of protection against unauthorised access.
Contact [your Lucidity Admin] for assistance if needed.