This article explains the functionality of Two-factor authentication policy. Two-factor Authentication (2FA) - an additional layer of security, which requires Account Contacts to respond to a second authentication challenge when logging into CONTROL PANEL.
Enabling 2FA affects all account contacts.
A set of 2FA settings that account contacts can modify depends on the role they are granted.
- Private Label Owner: manages common and individual 2FA policies for account contacts and sub-accounts (enable/disable, reset, change phone number, change 2FA method)
- Private Label Operator: manages common and individual 2FA policies for sub-accounts only (enable/disable, reset, change phone number, change 2FA method)
- Private Label
Billing/Customization/Sales :manages only their own 2FA settings (update phone number, change 2FA method).
Read our Knowledge Base article for more information on account contacts and contact roles.
To enable 2FA policy for all account contacts, log into CONTROL PANEL > Account > Security Polices > Two-Factor Authentication Policy.
If you are the account administrator can also select a frequency range for account contacts to prove their identity when logging into CONTROL PANEL
Note: Account contacts themselves can select any method to use on their first login. They can also specify a phone number to use for authentication.
Note: In case you are the only one account contact listed in CONTROL PANEL and has issues resetting 2FA, please contact our Customer Service Team for the assistance. They can be reached at 1-800-379-7729, option 4 for US and +44 (0)20 3384 2158, option 4 for UK.
Enabling 2FA on the account will affect account contacts, who already manage several accounts.
There are several scenarios how the 2FA affects the shared account contacts:
- Adding account contact with already enabled 2FA on another account on the account without 2FA will result in account contact with 2FA enabled.
- Adding account contact without 2FA enabled on the account with 2FA will result in account contact with 2FA enabled
When shared account contact attempts to log into the CONTROL PANEL the compilation of the strongest password policies and 2FA policies of all accounts where this account contact is listed will be applied for authentication.
If the 2FA will be disabled on the account with shared account contact, the 2FA authentication will still be applied if 2FA is enabled on separate account of this shared account contact.
Read our Knowledge Base article on Two-Factor Authentication methods.