Two-factor authentication (2FA) is a method of establishing access to eCenter Direct that requires the user to provide two different types of information.

A factor simply means "some information" that will convince the online service that you are who say you are, so that eCenter Direct can determine if you have the rights to access the system, or not. One bit of information is, of course, the combination of username and password. With two-factor authentication, you'll need to provide your username and password, and you will need to prove your identity some other way. After entering a username and password to access eCenter Direct, you will then be sent a numeric code to an email address that was provided when setting up your account. The numeric code is the second piece of "information" necessary to gain access to eCenter Direct and will need to be entered in the interface provided.

Users will not need the second bit of information each and every time they log in. You will only need to provide the second form of identification when:

• You log in for the first time ever into eCenter Direct
• Anytime you delete your cookies (make sure your browser is not set to automatically delete cookies).
• Anytime you log in from a different browser and/or different device.
• Every 90 days the cookie is set to expire.

2FA is optional for eCenter Direct, but it can been turned on for eCenter Direct by the Neoserra database administrator on the Administration|Configuration|eCenter|General Settings panel:

How does it work?

Once 2FA has been enabled, then a user will go to eCenter Direct as normal and enter their username and password:

The user will then click the "Login" button to get to the next screen:

The authentication code will be sent via email. The code will expire one hour after it has been generated. If the user has not logged in within that time frame then a new code will need to be requested.

Assuming that the correct code has been entered, then, upon clicking "Login," the user will be logged into eCenter Direct.

If the user does not receive the code, for whatever reason, then the only recourse is to contact their counselor who can verify the email address on record. OutreachSystems, under no circumstances, can provide the user with access to their eCenter Direct login.

The email message with the code will come from the email address identified on the Administration|Configuration|General panel:

This email address will also receive the bounce-backs if the email address provided by the client is not valid.

Want more? Browse our extensive list of Neoserra FAQs.