What is Two-Factor Authentication (2FA) and how does it work in Neoserra?
Two-factor authentication (2FA) is a method of establishing access to Neoserra that requires the user to provide two different types of information.
A factor simply means "some information" that will convince the online service that you are who say you are, so that Neoserra can determine if you have the rights to access the system, or not. One bit of information is, of course, the combination of username and password. With two-factor authentication, you'll need to provide your username and password, and you will need to prove your identity some other way. This other way is done via your smartphone. After entering a username and password to access Neoserra, you will then be sent a numeric code as a text message to a phone number or, if no mobile number is provided then to an email address that was provided when setting up your account. The numeric code is the second piece of "information" necessary to gain access to Neoserra and will need to be entered in the interface provided.
Note: It is important that both the mobile phone number and/or email address in your user account record is accurate. Invalid phone numbers and/or email addresses will prevent you from being able to receive the authorization code.
Users will not need the second bit of information each and every time they log in. You will only need to provide the second form of identification when:
- You log in for the first time ever into Neoserra
- Anytime you delete your cookies (make sure your browser is not set to automatically delete cookies).
- Anytime you log in from a different browser and/or different device.
- Every 90 days the cookie is set to expire.
It is absolutely essential that users do not share the same user account! Each person with access to Neoserra should have their own user account, with their own associated mobile phone number.
Adding Mobile Phone Numbers
The mobile phone number is necessary for Two-Factor Authentication (2FA). Administrators can enter the mobile phone number on the user account record. However, users can also update and maintain their own mobile phone numbers on their Personal Preferences page.
To access your personal preferences, hover over your name in the upper right hand corner of the Neoserra interface and click on "Preferences":
On the preferences page you can either add or change your mobile phone number by clicking on the "Change" link:
To add or change your password, you will need to enter your current password:
Click "Save" to add your mobile phone number.
All users are required to provide a second authentication to log into Neoserra. Once they have logged in once successfully, then they won't be required to provide the second form of identification every 90 days or sooner if they change devices, change browsers, or delete their cookies.
How does it work?
Once 2FA has been enabled, then a user will go to the login page as normal and enter their username and password:
The user will then click the "Sign-in" button to get to the next screen:
The authentication code will be sent to the mobile phone number on file for the user. If no mobile phone number has been entered, then the code will be emailed to the user. If, for whatever reason, the user does not receive the code, then they may ask to resend it either via SMS or via email. The code will expire one hour after it has been generated. If you have not logged in within that time frame you will need to request a new code.
Assuming that the correct code has been entered, then, upon clicking "Save," the user will be logged into Neoserra.
If the user does not receive the code, for whatever reason, then the only recourse is to contact their Neoserra database administrator who can verify the mobile phone number and/or email address on record. OutreachSystems, under no circumstances, can provide the user with access to their Neoserra database.
What about password reset?
Users can click on the "Forgot password?" link on the Neoserra login page if they have forgotten their password. They will need to enter their username or email address on file, enter the CAPTCHA shown on the screen and click "Submit:"
Next, they will be sent an email providing them with a link to reset their Neoserra password:
A minimum password length of 10 characters will be enforced and password complexity will require the use of characters, digits and specialty characters. Upon entering the password correctly twice, the user will be logged into Neoserra with their new password. They will not be required to do 2FA during this password reset login process. However, the next time, when they login again, the user will be required to provide a second credential to be authenticated again.
Note: Your database administrator can require more than 10 character passwords. This is up to each database administrator to configure, however, a password may never be less that 10-characters.
Want more? Browse our extensive list of Neoserra FAQs.