Two-factor authentication can improve your Aha! account's security by adding another level of protection to the login process. When you first log in, an integrated security platform sends a message to your phone (mobile or landline) asking you to confirm that you are the person who initiated the login. Once you confirm, the login is successful.
If you did not initiate the login attempt, you can deny the attempt and avoid a security breach.
We have integrated Aha! with Duo Security for two-factor authentication. Duo offers several authentication techniques, simple configuration, and a free plan for small teams.
If enabled, two-factor authentication applies to all users in your Aha! account.
Enable 2FA for your account
- An Aha! administrator must first sign up for a Duo account. There is no need to add your Aha! users to Duo manually — they will be added automatically the first time they log into Aha! after two-factor is enabled.
- In Duo, navigate to Applications and select Protect an Application. Set the Type to Web SDK, and Name your application Aha! (or something similar).
- Use Duo's default settings and copy the Integration Key, Secret Key, and API hostname values. You will enter them in Aha! to enable two-factor authentication.
- In Aha!, navigate to Settings > Account > Security and single sign on > Duo Security two-factor authentication.
- Enter the values you copied from Duo into the appropriate Aha! fields, then click Update authentication.
- Test the authentication by using a different browser (or a different device), so that your current session stays available for changing the settings if they are wrong. In your alternate Aha! instance, try logging in. After entering your email address and password, you will be prompted to enroll for two-factor authentication.
Configure 2FA for your user account
- The first time you log in to Aha! after 2FA has been enabled, you will see a setup pop-up. Click Start Setup to continue.
- You will be prompted to select the device that Duo will use to verify your login attempts. We suggest using your mobile phone.
- Enter your location, phone number, and type of phone.
- If you have selected your mobile device, launch the appropriate app store to download and install the free Duo app.
Note: We strongly suggest that you tap OK when asked if Duo Mobile should be able to send push notifications to you. This is important because when you log in to the Aha! web application, you will automatically receive a notice on your phone. After you tap Confirm on your phone, you will automatically be logged in to your Aha! web account.
Set up a new mobile device for 2FA
If you replace your device, you will need to re-activate your account in order for Duo's push notifications to function.
If your Duo administrator has you set up to manage your own devices, you can do this yourself. Otherwise, you will need to contact the Aha! administrator who has admin access to your Duo account and ask them to send an activation link to your new device.