Two-factor authentication

Last update: 22.04.2024
Previously, you only had to specify a regular password to log in to the administrator and agent accounts. You can also set an IP address restriction for logging in to agent accounts, but not all companies have a corporate VPN with a fixed IP address to make this setting as useful as possible.

However, attackers are not dormant, and there are numerous ways to obtain passwords, including brute force attempts, phishing, and installing tracking programs on an agent's device.

Now, every administrator and agent can set up two-factor authentication to additionally secure the company's data and your customers' information.
Two-factor authentication is configured in the administrator and agent profile settings.

Let's review the necessary steps to set up.

1. Begin by linking your account to your 2FA application or password manager that supports two-factor authentication (such as Google Authenticator, Microsoft Authenticator, Authy, 1Password, LastPass Authenticator).

What to do if the code from the application doesn't work

If you've previously configured 2FA, then disabled it without removing the connection to Deskie from your code-generating application, attempting to reactivate 2FA won't accept the verification code.

First, you need to delete the established connection to Deskie in your code-generating application, then refresh the page in Deskie, and set up 2FA again with a new QR code.

2. On the next step, you will receive a list of backup access codes in case you cannot authenticate in your password manager or lose your device. Make sure to save these codes in a secure location that you will definitely have access to, even in the situations mentioned above.

3. On the final step, add a backup method for receiving codes through a special Telegram bot. Click on the bot's name or find it by the username @deskie_2fa_bot through the Telegram search, send the specified set of characters to obtain the identification code, and complete the setup.

4. In the administrator's account, under the "Team" section, in the subsections "Administrators" and "Agents," you can easily monitor who has configured two-factor authentication and who has not.

In the "Agents" subsection, there is also a specific filter available.

Logging in to your account

5. When logging into your account after entering the regular password, you will need to input the two-factor authentication code (code from the password manager, code from the Telegram bot, or a backup code).

By default, the code from the method selected as the primary in the two-factor authentication settings, indicated with a star, will be requested.

In the authentication form, you can switch between these methods in two ways if one method is more convenient than the other at the moment.

6. Before logging into the account, you can also tich the checkbox that remembers the device, so that for the next 30 days, entering just the regular password will be sufficient on that device.

Disabling 2FA

In some situations (for example, if you initially used a free 2FA app and later decided to switch to a full-fledged password manager), it may be necessary to disable the configured 2FA.

7. When 2FA is already set up, administrators and agents can disable it in their profile settings by clicking on the corresponding link.

8. The main administrator and other administrators who have full access to the "Administrators" and "Agents" subsections (access to add, edit and delete the corresponding subsection) can disable configured two-factor authentication in the profile settings of administrators and agents using the corresponding link.

At the same time, only the main admin can disable 2FA for the main admin.

Was this article helpful?