How you can turn on 2 factor authentication (or multi-factor authentication) to provide additional login security.
- What is 2FA and what are the benefits
- What options are available to your club
- Enforce 2FA for Site Admins and/or members
What is 2FA and what are the benefits?
2 factor authentication (also known as multi-factor authentication) is a security measure that requires you to provide 2 proof of identities before you can login and be granted access. Using 2 methods to login, which include a password and a one-time login code sent to your email or mobile number, helps provides significantly more powerful protection against criminals.
What Options are Available
Member Jungle has implemented 2FA so users are required to supply something they know:
- a password
as well as something they receive directly:
- a code to their email
- or code sent via SMS to their phone*
How to Turn on 2FA as an Administrator?
Login to the site > Navigate to Dashboard > and then select "My Security" from your MySite area.
Click on the "Enable 2FA" button.
You will then be asked to type in your password to turn the functionality on.
NOTE: Please make sure that your email and phone number displayed in the message is correct as this will act as verification for these details.
You will see that your details now appear with a tick to show they have been verified.
You can also verify details individually by clicking on the tick button next to your email and phone and typing in the code sent to each.
2FA will now be turned on for the next time you login.
How to turn on 2FA as a member
The same as an administrator, a member needs to navigate to their Account or MySite area and click on the "My Security" tab.
Click Enable 2FA and it will send you an email with a code to confirm, members will need to individually verify their email and mobile.
Type the code sent in the email in the system to verify your email details.
What the Login Process Works Like with 2FA
You will be asked your username on the first screen.
Followed by your password.
Then you be required to enter a one-time code that has been emailed to you. You can tick on the 'remember me' feature, this will give you 7 days to skip asking for your verification code.
If your organisation has SMS options turned on and you have verified your email, you will also have the option to receive the code by SMS.
*2FA is available for all members and administrators, however, SMS code options are an additional add-on as they involve direct costs with sending SMS messages. To find out more please raise a support ticket here.
Enforce 2FA for Site Admins and/or Members
Click on SECURITY to go to security settings for your site.
You'll find options to enable 2FA for Site Administrators and all accounts with any administrative access (e.g. Membership, Events, Security, etc). Additionally, there is a separate option to enforce 2FA specifically for members. Choose the options that align with your site's requirements. We highly recommend enabling 2FA for Site Administrators and all accounts with any administrative access, given their comprehensive access to your site and data.
Click save once the appropriate settings have been saved.