Setting up two-factor authentication

Here you can the detailed setup of 2FA for your community.

1. In the Admin Console, go to People > Settings > Second Factor Authentication.
2. Select Enabled to enable the feature.
3. In Time stamp sec, specify the time step for code renewal.
   The default time step is 30 sec.
4. In Window size, specify the number of periods during which the verification code must be considered valid, in ms.
5. In Reset device token expiration time, set the period during which users will be required to authenticate themselves.
   If a user is not able to finish authentication during this period they are required to restart the procedure.
6. In Key representation, select the algorithm to be used for the shared secret key.
   You can use either the BASE32 or the BASE64 algorithm.
7. In Issuer, set the name to be displayed for the community on the user device as follows:
   • Leave the box empty to use the community root name.
   • Or specify the name to be displayed.
   For more information about the root name, see Renaming root space.
8. Under User device Reset allowed, choose one of the following:
   • Enabled: Users will be able to unpair their devices themselves, in the Preferences settings.
   • Disabled: Users will not be able to unpair the devices themselves. The administrators will have this ability, on the User Summary page in the Admin Console.
9. Under Basic Auth enabled, select Enabled if the basic authentication option must be enabled for accessing the community via API.
   If the basic authentication is disabled, session-based or OAuth authentication will be required for the
   • Enabled: Basic authentication is allowed for the API requests.
   • Disabled: Session-based or OAuth authentication is allowed for the API requests.
10. If you want two-factor authentication to be applicable only for a specif user group, specify the user group ID under Targeted Second Factor Authentication.
    You can find the user group ID on the Group Summary page at People > Management.
11. Click Save.