Two Factor Authentication

This document describes Multi factor Authentication feature in TractionNext. It covers the details on how to use new features that have been added in Traction Next.

Feature & its use

Two Factor Authentication (2FA) will introduce an extra layer of security for Traction Next users. 2FA ensures that users are only granted access to a system when they provide two separate evidence for authentication. The evidence is typically knowledge of the correct password and possession of a resource that can be a phone connection or email account. Typically, One Time Password (OTP) is sent to the resource registered against the user. If the user can access the resource within an allowed time interval which is usually few minutes and provide the correct OTP to the authentication system, access to the system is granted

How to use it?

Login to TractionNext and go to ‘Account Settings’. Select ‘Security Settings’ from the left menu to get the following…

There are several option to authenticate. App Authentication / Email Authentication & Enforce Account Policy.

Refer the below screen…

App Authentication / Email Authentication – Out of which only one can be used at a time.

To use this feature, user need to click on any of them, for example if user clicked on Email Authentication ‘Enable’ button, it will displayed as below…

Now when user try to login after logout, it will prompt for username and password. As soon as user enters username and password, an OTP will be sent to their registered email ID (it will be valid for 180 seconds). User need to enter this OTP to login into their account. Refer screen below…

Regarding Enforce Account Policy – This is available to admin users only.

Uses of Enforce Account Policy – This can be used to edit/update the App authentication / Email authentication details. For example, if someone is using Email authentication and because of some reason, not able to login to their account. Then the admin (who is having Enforce Account Policy enabled) can update his authentication details.

To do this, Go to ‘Users’ menu, Users list will display. Click ‘Edit’ for any user who is using 2FA, it will display as below…

Unselect the option ‘Is2FAEnabled’ check box and click on ‘Save’ button. Now particular user can able to login with their username and password without 2FA authentication.