Introduction
OpsRamp recommends as a policy to enable and activate two-factor authentication for your account or for the users in your organization. After enabling two-factor authentication, an additional security step is performed when users attempt to log into the application. The authentication process during login varies with the type of authentication mechanism chosen.
Enabling two-factor authentication for accounts
OpsRamp recommends you to enable two-factor authentication to secure your account. You can enable two-factor for your account either from My Profile page or Partner Details page. After enabling the two-factor, you can select the supported type of authentication mechanisms.
To enable two-factor for your account from Partner Details page:
- Select Setup > Account Management > Partner Details. Partner Details screen appears.
- From Partner Details, navigate to Account Information section.
- From Account Information, click
ONto enable two-factor authentication.
two-factor authentication is enabled for your account.
Notes
- You can select the authentication mechanism the next time you log into OpsRamp.
- Enabling two-factorauthentication for your account does not imply enabling two-factor authentication for the clients in your organization.
- You can click OFF in Two-Factor Authentication to disable the two-factor.
Enabling two-factor authentication for clients
Enabling two-factor authentication for your client implies enabling two-factor automatically for existing or new users in that organization. You can also enable two-factor manually for individual users in the Users List page.
To enable two-factor for a client in your organization:
- Select Setup > Accounts > Clients.
CLIENTS screen appears. - From CLIENTS, select one of the desired client names.
The screen displays CLIENT DETAILS. - From CLIENT DETAILS, navigate to Authentication Mechanism section.
- From Authentication Mechanism, click
Enableto enable two-factor.
A tick-mark appears confirming the activation of two-factor.
After you enable two-factor for any client, users configured in the client receive a screen to activate the authentication mechanism when logging in. You can also activate the two-factor key using the Activate option in the User Details page.
Important
- You can click Disable in the Authentication Mechanism section to disable the two-factor for the selected client.
- If you are a Partner administrator with two-factor enabled and activated, your two-factor re-authenticates before deactivating any user. In this way, the action performed is authorized. This eliminates the chances of security issues like session hijacking and so on.
- If two-factor key is entered incorrectly three times, the user is routed to the login page before additional attempts.
Enabling two-factor authentication for users
Enabling and activating two-factor authentication for users in your organization is quite easy for a partner administrator and helps to provide high-level security for their account.
To enable two-factor authentication for users:
- Select Setup > Accounts > Users.
USERS screen appears. - From USERS, select one or more users.
- From the options in Actions drop-down, select Enable Two-Factor. The screen displays a confirmation message.
- Click Yes.
The Two-Factor column in USERS page displays a tick-mark.
After enabling the two-factor authentication for the users, you can activate the two-factor key for those users manually using the Activate Key.
The users will receive a screen to activate the two-factor key while logging in. If you do not activate the two-factor Key for any user.