This article covers topics such as what is 2FA, how to set it up, how to disable it and what to do when you can't sign in. It only covers the topics for the admin portal. If you are an employee in your organisation, please see the following article: "Two-Factor Authentication (2FA) for employees".
What is Two-Factor Authentication?
When signing in, you would normally have to enter your email address and password. When Two-Factor Authentication is enabled you would also need to enter a time-based one-time password (TOTP). This is an additional security measure to keep someone else from signing in to your account even if they know your email address and password.
How to set up Two-Factor Authentication in the Admin portal?
You can enable 2FA on the employee profile page as seen below.
Authentication through a code-generator app (e.g Google Authenticator) will be the default option. Setting up 2FA via SMS has two requirements:
Voice & SMS module has to be active as otherwise SMS-s with codes cannot be sent.
"Allow two-factor authentication over SMS" has to be enabled in System Settings since each SMS has a cost unlike authenticator app codes:
In general, employees with smartphones should use the code-generator app to generate codes. SMS functionality allows people with non-smartphones to use 2FA.
To find out how to set up 2FA on your own account, see the steps in the "Two-Factor Authentication (2FA) for employees" article.
How to disable Two-Factor Authentication in the Admin portal?
You can disable 2FA on an employee account by turning off the slider on their profile.
To disable 2FA on your own account, see the steps in the "Two-Factor Authentication (2FA) for employees" article.
Troubleshooting
I am unable to disable 2FA on my own account as an administrator.
You can ask another user with administrator rights to disable 2FA for you.
I am the only user with administrator rights and I can't disable 2FA on my account.
Contact PARiM support through the chat bubble or send an email to support@parim.co.