Two-factor authentication can improve your account's security by adding another level of protection to the login process. A message is sent to your cell phone (or landline) during the login process. The login succeeds if you respond to the message.
We have integrated Aha! with Duo Security for two-factor authentication. Duo Security offers several authentication techniques, simple configuration, and a free plan for small teams.
How to enable 2FA
To take advantage of two-factor authentication, the Aha! account administrator must first sign up for a Duo Security account. There is no need to add your Aha! users to Duo manually - they will be added automatically the first time they log into Aha! after two-factor is enabled.
1. Create a new Integration. The type should be set to Web SDK.
2. The default configuration of the Integration is fine. Copy the Integration Key, Secret Key, and API hostname values -- you will need these to configure Aha!
3. In Aha! go to the Settings -> Account -> Security and single sign-on page. Enter the values from your Duo integration, enable two-factor authentication, and click Update.
4. Test the authentication flow by using a different browser or a different computer (so that you can change the settings if they are wrong). In the different browser, try logging in. After entering your email address and password, you will be prompted to enroll for two-factor authentication.
Two-factor authentication applies to all users in an account.
Configure 2FA for your user account
1. The first time you log into your account after it has been turned on, you will see the following screen:
2. The next step is to select the mechanism that you will use when you need to log in. We suggest using your mobile phone.
3. Enter your location, phone number, and type of phone.
4. Launch the appropriate store (in this case, the App Store), download the free Duo Mobile app, and install it on your phone.
We strongly suggest that you tap "Ok" when asked if Duo Mobile should be able to send push notifications to you. This is important because when you log into the Aha! Web application, you will automatically receive a notice on your phone. After you hit Confirm on your phone, you will be automatically be logged in into your Aha! Web account.
If you replace your device, you will need to re-activate your account in order for Duo Push to function.
If your adminstrator has you set up to manage your own devices, you can do this yourself. Otherwise you will need to contact your Duo administrator to send an activation link to your new device.