This tutorial will walk you through setting up Dual-Factor Authentication (DFA) for your administrative login. This functionality is ONLY available to administrative login and CANNOT be used with storefront login.
Protect your account with 2-Step Verification (also called DFA/MFA or Dual/Multi Factor Authentication). When you login to an administrative area you'll need to enter a random code in addition to a password. This added security means if your password is stolen, your account cannot be accessed without the random code.
Codes can be generated by using:
- Authenticator Application (e.g. Authy, 1Password, or Google Authenticator)
- SMS/Text (US Only)
KEEP IN MIND IF YOU LOSE ACCESS TO THE ABILITY TO GENERATE THE RANDOM CODE OR YOUR BACKUP CODES, YOUR ACCOUNT MUST BE DELETED AND RE-CREATED BY SOMEONE ELSE ON YOUR TEAM or you can contact us here for assistance.
Article Sections
- Select 2-Step Verification
- Authenticator Application
- E-Mail Authentication
- SMS/Text Authentication
- Backup Codes to Login
- Disabling 2-Step Verification
- Notes
Select 2-Step Verification
To get started, log into controller.mybrightsites.com to set this up at the store administrative level, login at the store URL followed by “/admin” (e.g. https://brightsites.mybrightsites.com/admin)
- Click the Profile icon (upper right-hand corner).
- Click Enable 2-Step Verification.
After doing this, you’ll need to re-enter your password to start the process of configuring DFA.
- Enter password - Enter your account password.
- Click Continue.
From here, you’ll choose the authentication method you plan on utilizing. We support:
- Authenticator Application (e.g. Authy, 1Password, or Google Authenticator)
- SMS/Text (US Only)
- Backup Codes (Will need to set up a supported authentication method before backup codes can be created.)
- Select the Authentication Method you wish to use, either Authenticator App, Email or SMS/Text.
- Click Continue.
Authenticator Application
If you choose this option you’ll need to have a supporting application which can authenticate you (e.g. Authy, 1Password, or Google Authenticator). After selecting Authenticator App, click continue and you’ll be taken to this screen.
- Scan the QR code or click Download QR Code to download the image file to upload into the authenticator.
- Click Continue.
Next, to confirm the configuration is set, you’ll need to enter the code generated by your authenticator.
- Enter secret code - Enter the code generated by the authenticator.
- Click Verify to continue.
Once verified, you’ll see a message from the system letting you know that 2-Step verification has been setup.
Now, whenever you login, you would need to enter a random code along with your actual password to access your admin account. If you have a computer used frequently and it’s a computer that only you use, you could check the box for remember this browser for 45 days and then the random code won’t be required when using that system. Keep in mind if you clear your cache or browsing history, this will reset that setting.
E-Mail Authentication
After selecting E-mail click continue and you will be taken to a screen where you can input an email address to receive the random code.
- Enter E-Mail - Enter the e-mail address the verification code should go to.
- Click Continue.
The email will contain the code needed to complete the 2-Step verification setup process (example below).
Enter the code from the email within 5 minutes.
- Enter secret code - Enter the code from the email.
- Click Verify to continue.
- Resend - Click only if you need a new code generated. This invalidates the previously sent code.
Once verified, you’ll see a message from the system letting you know that 2-Step Verification has been setup.
Now, whenever you login, you would need to enter a random code along with your actual password to access your admin account. If you have a computer used frequently and it’s a computer that only you use, you could check the box for remember this browser for 45 days and then the random code won’t be required when using that system. Keep in mind if you clear your cache or browsing history, this will reset that setting.
SMS/Text Authentication
After selecting SMS/Text click continue and you will be taken to a screen where you can input the mobile number you want to receive texts at.
- Enter Phone - Enter the phone number to receive the code.
- Click Continue
You will receive a text message with the code to enter
Enter the code from the text within 5 minutes.
- Enter secret code - Enter the code from the email.
- Click Verify to continue.
- Resend - Click only if you need a new code generated. This invalidates the previously sent code.
Once verified, you’ll see a message from the system letting you know that 2-Step Verification has been setup.
Now, whenever you login, you would need to enter a random code along with your actual password to access your admin account. If you have a computer used frequently and it’s a computer that only you use, you could check the box for remember this browser for 45 days and then the random code won’t be required when using that system. Keep in mind if you clear your cache or browsing history, this will reset that setting.
Backup Codes to Login
To generate back-up codes to login (in the event you’re not able to utilize your authentication method to generate a code), first log into the admin area and click on the profile icon. Note, backup codes are only available after you have successfully activated DFA .
- Click Create Backup Codes.
- Click Save to continue.
You will be taken to a screen to authenticate your access by entering in a code that is generated by the authentication method you have setup.
- Enter Secret Code - Input the code generated by your authentication method.
- Generate - Click to generate backup codes.
Once the system has verified the code, you will see a list of your backup codes that can be used. You will need to copy these codes and paste them into another area where you can view them safely and securely. These codes are only displayed once, and clicking Create Backup Codes again will recreate all codes and invalidate the previously generated set.
Copy Codes - Click to copy the codes and paste them into a safe location. If you do need a new set of backup codes re-generated, please follow these steps again.
Disabling 2-Step Verification
To disable 2-Step Verification if you no longer require it, login to the admin area for your account and click the profile icon.
Disable 2-Step Verification - Click this button to disable this feature.
You will be required to input the random code to disable 2-Step Verification. Once you have the code input, click disable.
- Enter Secret Code - Input the code generated by your authentication method.
- Disable - Click to disable this feature on your account.
Finally, you’ll see a screen confirming that 2-Step Verification has been turned off.
Notes
- You can only use ONE type of Authentication method per account.
- When using email or SMS, keep in mind when clicking resend, while it does send you a new authentication code to use, the previously generated value will be invalidated.
- If using E-mail as your authentication method, you may need to check your spam/junk mail for the email.
- When creating backup codes, keep in mind that each time you generate a new set, the previously generated set is invalidated.
- Backup codes are only displayed once, so we recommend copying them to a file saved in a secure location.
- If you lose your backup codes and access to your authentication method, your account will need to be re-created.
Comments
0 comments
Please sign in to leave a comment.