Search our Help.

2-Step Authentication

Follow

Page Contents:

Recommended Authenticator Options

Setting up 2-Step Authentication

How to setup your 2-Step Authentication Tutorial Video

How to Reset your 2-Step Authentication

User Scenarios

FAQs

Recommended Authenticator Options

There are several Authentication apps available.  Your company may already have a security policy stipulating an authenticator app that you must use. If so, all you need to do is add your Unleashed account to that app during the setup, and ensure your authenticator has six-digit codes.

If you do not have a recommended application, here are a few recommendations:

Google Authenticator → https://support.google.com/accounts/answer/1066447 
Microsoft Authenticator → https://www.microsoft.com/en-us/account/authenticator
Chrome Authenticator → https://chrome.google.com/webstore/detail/authenticator/bhghoamapcdpbohphigoooaddinpkbai

Setting up 2-Step Authentication

Please note that this process can take anywhere from 2 minutes (if you are simply adding Unleashed to an existing authenticator app) to around 10 minutes for someone using an authenticator app for the first time.

1. After Unleashed receives a valid login email address and password combination, you will be prompted to set up 2SA.

2. Install an Authenticator app on your phone or computer from the above recommended list or install the authenticator app instructed by your Account Owner/Administrator (note: you may already be using an authenticator app, in which case simply add your Unleashed account).

3. Open your Authenticator app and scan the QR (Quick Response) code, or click on the wording "enter your key manually" which will reveal characters that you can use for the authenticator app instead of scanning the QR code.

mceclip0.png
 

4. After entering or scanning the QR code, the authenticator app will reply with your unique, six-digit authentication code, which is usually valid for between 30 and 60 seconds before a new code is generated.

5. Input the unique six-digit code (in this example, it would be 123 456).

2SA_2-1.png

 

6. You will now be asked to provide an alternative email address so that an authentication code can be emailed to you if you cannot access your Authentication App. This cannot be the same email address as your Unleashed login email address, so a personal email address is ideal​.

7. Click "Send Verification Code", and a confirmation message will pop up. 

8. Verify your alternative email address by retrieving the email and supplying the code that was sent to your alternative email address (emailed authentication codes are valid for 15 minutes).


2SA_3(1).png

You are now set up for 2SA! Click on "Got It" to take you to Unleashed.

The next time you login to Unleashed you will be prompted for a new authentication code.  There is an option to "Remember me for 30 days" which you can check so that you only have to authenticate every 30 days. Please consider your situation carefully before enabling this option.  If you need to have an authentication code emailed to your alternative email address, click on "Lost your mobile device?".

How to setup your 2-Step Authentication Tutorial Video

How to Reset your 2-Step Authentication

In the instance where you lose access to your existing authentication or would like to setup authentication on a new device, your Account Owner for Unleashed can reset your 2-Step Authentication, allowing you to use your new device moving forwards:

  1. The Account Owner navigates to Settings | Security | Users.
  2. Hover over the Action Cog, next to the user's name, and select the option to Reset 2SA.
  3. This will prompt the user to set up Unleashed's 2-Step Authentication upon the user's next login attempt. 

If you are the Account Owner of your Unleashed account, you are able to reset your own 2 Step Authentication (2SA). However, if you're having issues accessing your account owner login to reset 2SA please submit a case to our Support Team, and they will be happy to assist you with the resetting process. 

User Scenarios

As per Unleashed's Terms and Conditions, a User is defined as follows:

An Invited User is a unique individual authorized by You to use the Services for Your benefit in accordance with this Agreement, including Your employees, representatives, contractors and agents and the employees, representatives, contractors and agents of Your Affiliates (if any).

Please see clauses 2.1, 3.6 and 8.2 of Unleashed’s Terms and Conditions which reference User Licensing, access conditions and subscription levels

Note:  We will be implementing session management in the near future. This will automatically time out inactive sessions and you will be required to authenticate when you next login.

Scenario Action
Single User - 1 person using 1 device

Set up your 2-step authentication. In this scenario, any of the recommended methods are a good fit and you could also use the "remember me for 30 days" option.

Single User - 1 person using multiple devices

Where it is a legitimate multiple device situation, you will need to use the same device and/or alternate email address for authentication. In this scenario, the Google Authenticator app is the recommended method.

Single User with access to multiple organisations

Set up your 2-step authentication once and access your other organisations within Unleashed as usual.

One device that multiple users use for short periods
(e.g. a Warehouse PC)

Each user sets up their 2-step authentication and must log out of Unleashed between sessions. In this scenario, any of the recommended methods are a good fit and you could also use the "remember me for 30 days" option.

A user logs on with a generic email address
(e.g sales@company.com, admin@company.com)

The identified "custodian" of the email address will need to set up authentication for the generic email address with an agreed alternative email address.  In this scenario, any of the recommended methods are a good fit.

A QBO Customer is using the Intuit single sign-on facility

There is currently no change to this process.

A QBO Customer is using the Unleashed log in 

Set up your 2-step authentication.  In this scenario, any of the recommended methods are a good fit.

A User has lost their device

Use the "lost device" option which emails an authentication code to the alternative email address you entered during setup.

 

FAQs

What is Two-Step Authentication?

Two-Step Authentication (also known as 2SA) is a type, or subset, of multi-factor authentication (also known as MFA). It is an additional level of security as it is a way of confirming users' identities by using a combination of 2 different factors: 

  • something they know (a password)
  • something they have (a device), or
  • something they are (answers to questions only they know)

Unleashed uses a third-party authenticator app that enables two-step authentication.  The authenticator app generates a code that is frequently refreshed and which only you can use in order to authenticate your login request.

Having this additional layer of security makes it significantly harder for someone to get access to your account, even if they have managed to get hold of your password.

How does 2-Step Authentication work?

When you set up 2SA you will be provided a secret key to an authenticator app. This secret key is unique to your Unleashed account and is passed to a Time-based One-Time Password algorithm (TOTP) that generates a unique authentication code that must match the code generated by your unique secret key within Unleashed.  If the authentication codes do not match, you will need to try again. The authentication codes can be sent to your alternative email address if necessary.

What do I need to set up 2-Step Authentication?

  1. Your Unleashed user email address and password
  2. A device on which to install your authenticator app (smartphone or desktop of your computer)
  3. An alternative email address (required in cases where you may not have access to your phone or computer) - this email address cannot contain the "+" sign and must be different to your Unleashed login email address

When do I need to set up 2-Step Authentication?

For new accounts, you will need to set up your 2SA within 14 days of your account creation.

What happens when I enter invalid authentication codes?

Authentication codes are generated and are only valid for a limited time to ensure security.  Authenticator app codes are generally valid for between 30 and 60 seconds.  Authentication codes sent to your alternative email address are valid for 15 minutes. Sometimes you may enter a code that has already expired and you will be "challenged" to provide another code.

After 3 failed attempts, you will be offered the option of having the authentication code emailed to your alternative email address.

When I input my 6 digit code I get the message "Your authentication information is incorrect. Please try again."

If you are receiving an error after inputting your 6 digit authentication code this could be related to the device's date and time. Make sure your device is set correctly by turning on the automatic time zone feature in your device settings.

How long does my session last before Unleashed logs me out?

Currently Unleashed does not log you out after a being idle for any period of time, but will be introducing session management at a later date to identify idle sessions and time them out.

How long does it take for my alternative email address verification email to arrive in my inbox?

The verification email for an alternative email address should arrive almost instantaneously. In the event you have not received it within a few minutes, please check your spam and junk folder, or contact the Unleashed Support by submitting a case.

 

Was this article helpful?
3 out of 11 found this helpful