Two-factor authentication (2FA) is a security process in which users provide two different authentication factors to verify themselves. This method adds an extra layer of security to the basic login procedure where only the username and password are required.
Here’s how it generally works:
- Something You Know: The first factor is typically something the user knows, like a password or PIN.
- Something You Have: The second factor is something the user has, such as a mobile phone, which can receive a text message with a unique authentication code, or a hardware token that generates a time-based, one-time code.
How 2FA Helps Users:
- Enhanced Security: By requiring a second form of identification, 2FA makes it significantly more difficult for attackers to gain access to a person's devices or online accounts because knowing the victim's password alone is not enough.
- Protection from Phishing: Even if a user accidentally divulges their password, it is useless without the second factor.
- Reduced Fraud and Identity Theft: 2FA provides an additional barrier and deterrent against identity theft.
- Compliance: For businesses, using 2FA can help them comply with key regulations and standards which mandate enhanced security practices.
Implementing 2FA can greatly reduce the risk of unauthorized access, ensuring that even if one factor (like a password) is compromised, the presence of a second factor limits the potential for damage.
To access this feature, go to HR Administration -> Configurations -> Authentication -> Default
This can be only configured by the system administrator so if you wish configure it please reach to goldsupport@orangehrm.com
Administrators can reset two-factor authentication by granting the ability to manage these settings within a user's profile.
The second addition entails enabling two-factor authentication for user accounts, ensuring enhanced security measures across all users. This setting ensures the set up of two-factor authentication for user accounts by defining the user roles.
After enabling this option, select user roles, and click the 'Save' button.