Enabling Multi-Factor Authentication (2FA)

Multi-factor or two-factor authentication (MFA/2FA) is an additional layer of security for information systems that require two or more forms of identification for a user to validly enter the system (beyond simply a password).  See https://www.techtarget.com/searchsecurity/definition/two-factor-authentication for more information on MFA/2FA concepts.

LityxIQ supports 2FA by allowing a system administrator, or an individual user, to enforce a second method of authentication prior to logging into LityxIQ.  The second method, in addition to your password, can be either a valid and verified mobile phone number for receiving text messages, or an email address.

 

Enabling 2FA as a System Administrator

The system administrator of a LityxIQ instance can enable 2FA for all users.  If you do not see the options mentioned below, then you are not identified as a system administrator.

To enable 2FA, click the Admin menu item in the left panel and select System Administration.

 

You will then see the system administration menu, which includes two options related to 2FA:

Enable 2FA - This option allows you to disable 2FA for the LityxIQ instance, or enable it using either Mobile/SMS or Email authenticaiton.

2FA Frequency - If 2FA is enabled, this option allows you to specify how frequently a user needs to re-authenticate using the second method.

Once these are selected, click the Save button to save these settings.  At this point, all active users will receive an email notifying them of the new 2FA requirement.  Upon their next login, if they have not yet provided the necessary information (e.g., a mobile phone number in the case of Mobile 2FA, or a valid email address in the case of Email 2FA), they will be required to enter and verify that information before being able to login to LityxIQ.

 

Enabling 2FA as an Individual User

If the system administrator has not enabled 2FA for all users, individual users still have the option to enable 2FA for their own account.  To do this, login to LityxIQ and select My Account from the Tools menu in the left panel.

The dialog for updating your user and account information will appear.  Click the "2FA Preferences" tab:

The Enable 2FA option allows you to enable 2FA for your own account using either Email or Mobile Phone.  If you enable 2FA, you will also be given the option to set how often you will be required to verify your identity through the second method.  Make sure to click the Save 2FA Preferences button to save your settings.

Note, if your system administrator has already enabled 2FA for the organization, you will see something like the following dialog under 2FA Preferences in your My Account window: