Learn about our newest features and enhancements!
Setting Up Two-Factor Authentication
Jessica Mocha 12/10/2021 3:46:00 PM
To help promote online safety and security, CharityEngine does encourage all accounts to use our Two-Factor Authentication. This will help prevent unauthorized users from gaining access to any accounts.
To configure the Two-Factor Authentication, navigate to Configuration > Security > Authentication. From there you will be able to configure your settings for Untrusted and Trusted Authentication Policies.



The Untrusted Authentication Policy will apply for users who are logging into an unknown network. An unknown network is any network that has never been used by a user to login to CharityEngine. For example, if a user is telecommuting from home or is in a new office, the network will be unknown to CharityEngine

The Trusted Authentication Policy will apply to networks that have been approved, either by manually entering the IP address into the CharityEngine database (for instructions on how to manually enter the IP address, click here), or approving the network when you log in for the first time.

For Each Dropdown, you will have three options: Basic, Two-Factor, and Two-Factor (super-user only).



Basic Authentication

Basic Authentication will provide the least amount of security with your accounts. When a user logs in for the first time from an unknown network or an untrusted network, a blue bar will appear at the top of the screen asking if the network you are using a trusted network. If the network you are using is a home network or work network, select yes. If the network is a public network, select no to prevent the IP Address from being added to the Trusted IP list. The message will not appear for the same IP again once you have selected yes or no.



Two-Factor Authentication

For best practices and security, CharityEngine encourages users to configure Two-Factor Authentication. This will trigger a text or an email every time a user logs into the account. If there is a cell phone in the database for the account, once the user enters their username and password, a text will be sent to the user.

If there is no cell phone, an email will be sent. The user will then have to enter the code that was sent for the two-factor  authentication

Note: If you only want two-factor authentication the first time a user is logging into a new network, select basic for the trusted network policy and two-factor for the untrusted network policy

                                                  

Note: you will not be able to enter the code multiple times. If you have entered the code incorrectly, a new code will have to be sent and entered correctly for access to the system. Please ensure you are entering the code correctly, as too many tries will lock the account.

Two-Factor Authentication (Super User only)

This authentication is exactly as it sounds, only for super users. It will have all the same characteristics as the Two-Factor Authentication described above, but will only apply to accounts with the Super User access role. Superusers have the most access to CharityEngine features and data.



Related Articles

Powered by Powered By CharityEngine