Two-factor authentication at the site level

Enabling two-factor authentication

You can enable two-factor authentication for all Brightspot users associated with a particular site. In addition, you can override the site-level two-factor authentication setting at the role level and at the user level.

Caution

The following procedure locks your account and all other accounts until users are able to enter their own authentication passwords. Ensure your users are trained and have an authenticator installed on their phones before enabling two-factor authentication at the site level.

To enable two-factor authentication at the site level:

  1. Install an authenticator, such as Google Authenticator, on your device. The authenticator must be able to read QR codes.

  2. From the Navigation menu, select Admin > Sites & Settings.

  3. In the Sites widget, click Global. The Edit Global widget appears.

  4. Under Main, under Security, turn on Two-Factor Authentication Required.

  5. Click Save. The Enable Two-Factor Authentication widget appears. (You are effectively locked out of your account; you must complete this procedure before you can continue using Brightspot.)

    ../../../_images/enable-two-factor.png

    Enable Two-Factor Authentication Widget

  6. Using the authenticator on your device, scan the QR code in the widget. The phone responds with an authentication code.

    ../../../_images/auth-code.png

    Sample two-factor authentication code

  7. Enter the authentication code in the Code field.

  8. Click Verify. You return to the Edit CMS widget.

Disabling two-factor authentication

To disable two-factor authentication at the site level:

  1. From the Navigation menu, select Admin > Sites & Settings.
  2. In the Settings widget, under Applications, click CMS.
  3. In the Edit CMS widget, under Defaults, turn off Two-Factor Authentication Required.

See also: