You are reading the documentation for an outdated Corteza release. 2022.3 is the latest stable Corteza release.

Multi-factor Authentication

Multi-factor authentication (MFA) provides an extra layer of security for your users. Corteza provides multi-factor authentication via email or via mobile authenticator application.

Configure MFA

Multi-factor authentication can be enabled in the Corteza Admin web application under system  authentication  multi-factor authentication.

You can configure OTP via email by enabling the allow of the force users to use one-time-password over email option and optionally change the default end time for the OTP.

You can configure OTP via authenticator app by enabling the use time based one-time-password (using mobile application) option and change the default issuer displayed in the authenticator app.

mfa enable

Next, to enable OTP for a specific user, navigate to system  users and click on the edit icon next to the user you wish to enable it for. Navigate to the "multi-factor authentication" section and click on the enable button.

mfa enable
Figure 1. The screenshot outlines the user interface used to enable MFA authentication for a specific user.

From that point on, when a user attempts to login, they will receive an email with the OTP, which they need to provide before the login is finished.

Use MFA over email

To use MFA over email, navigate to your profile and click on the "security" tab.

mfa settings auth

Click on the configure button in the "additional security with one-time-password over email" section.

mfa settings auth email enabled

The next time you login, you will need to confirm the login by entering the OTP sent to your email.

mfa login confirm

Use MFA over the authenticator app

To use MFA over email, navigate to your profile and click on the "security" tab.

mfa settings auth

Click on the configure button in the "additional security with mobile app (time-based one-time-password)" section.

mfa settings auth authenticator add

Open up your authenticator app and configure Corteza by either scanning the QR code or by manually providing the parameters.

mfa settings auth authenticator enabled

The next time you login, you will need to confirm the login by entering the OTP generated by your authenticator app.

mfa login confirm