You are reading the documentation for an outdated Corteza release. 2024.9 is the latest stable Corteza release.

Multi-factor Authentication

Multi-factor authentication (MFA) provides an extra layer of security for your users. Corteza provides multi-factor authentication via email or via mobile authenticator application.

Configure MFA

Multi-factor authentication can be enabled in the Corteza Admin web application under system  authentication  multi-factor authentication. You can either allow or force users to receive their OTP (one-time-password) either via their email or their authenticator application.

Annotated image
Annotated image

Next, to enable OTP for a specific user, navigate to system  users and click on the "edit" icon next to the user you wish to enable it for. Navigate to the "multi-factor authentication" section and click on the enable button.

The screenshot outlines the user interface used to enable MFA authentication for a specific user.
Figure 1. The screenshot outlines the user interface used to enable MFA authentication for a specific user.

From that point on, when a user attempts to login, they will receive an email with the OTP, which they need to provide before the login is finished.

Use MFA Over Email

To use MFA over email, navigate to your profile and click on the "security" tab.

Annotated image

Click on the configure button in the "additional security with one-time-password over email" section.

Annotated image

The next time you login, you will need to confirm the login by entering the OTP sent to your email.

Annotated image

Use MFA Over the Authenticator App

To use MFA over email, navigate to your profile and click on the "security" tab.

Annotated image

Click on the configure button in the "additional security with mobile app (time-based one-time-password)" section.

Annotated image

Open up your authenticator app and configure Corteza by either scanning the QR code provided or by manually providing the parameters provided on the authentication screen.

Annotated image

The next time you login, you will need to confirm the login by entering the OTP generated by your authenticator app.

Annotated image