Two factor authentication is a good way of increasing account security, by adding a second step to the normal login flow. In the case of DeployHQ (and other aTech Media services), it simply consists of generating a code using your mobile device which you'll need to enter after logging in.
Setting up two factor authentication
Two factor authentication can be set up via our single sign-on service, aTech Identity. Head there, then login with your DeployHQ account details.
Next, go to Two Factor Authentication under Security Settings on the right hand side.
Then follow the steps to download an appropriate 2FA app (we recommend Google Authenticator, or Authy) on your mobile device. Once you've downloaded and set up the app, you can scan the QR code to set it up initially. This will generate a 6 digit code that you can enter, then, after clicking the Activate button it will be setup on your account.
You'll then be presented with a recovery token which you must make a note of, as this will be required to reset your account, should you lose access to your mobile device.
Further information about the process, including recovering your account in the event of lost access to your mobile device can be found in our documentation.
Require two factor authentication for all users
As well as being able to set up two factor authentication for your own login, if you're the administrator of a DeployHQ account, you can set up two factor authentication enforcement, meaning they must set it up before they can login to your account.
To enable the option, simply head to Settings in your DeployHQ account, then Account & Access:
Enable Require all users to have two factor authentication enabled at the bottom of the screen, then click Update account. Once this has been done users will be met with a prompt to set up two factor authentication when they login if they haven't done so.
You'll be able to monitor users to see if they have set it up in your User Management area.
Users with 2FA enabled will be marked with a shield icon, users without 2FA will have the same icon but greyed out with a strikethrough.
If you have any questions about this, or other aspects of the DeployHQ service, please don't hesitate to ask.
