Introduction
What is Two Factor Authentication(2FA)?
Therefore, to enhance the security of digital accounts and protect against unauthorised access, user can enable the Two-Factor Authentication (2FA) feature within the meritto portal. This feature will allows both:
1. Account-wide users
2. Individual user level within an account
Thus, ensuring an additional layer of security for all users.
How to enable Two-Factor Authentication at Account Level?
Prerequisite
Users should have "Allow users to edit security settings" permission to enforce the 2FA at account level.
Steps to configure
Step 1: Click on “Settings” which appears on the top right of your screen.
Step 2: In the Security section, toggle the “Enable 2FA” button to activate it, and then click save.
Step 3: Once account-level 2FA is activated, this will apply to all users in the account. Default Email Authentication will be enabled.
Note:
Users will receive a default 6-digit verification code on their registered email. After logging in with their email and password, they will be prompted to enter the verification code sent to their email.
How to configure other Two-Factor Authentication methods?
There are three different methods through which a user can enable their Two-Factor Authentication depending on their own preferences -
- Email Authentication
- Google Authenticator
- Phone Number Authentication
Note:
By default, email authentication is enabled if the user hasn't selected any other authentication method in their security preference.
Email Authentication
Steps to configure
Step 1: Log in to your user profile. Navigate to "Security Settings" in your account. On the Security page, find the toggle button named "Secure your Account with 2FA".
Step 2:Turn on the 2FA toggle button to activate this by default.
Google Authenticator
Steps to configure
Step 1: Log in to your user profile. Navigate to "Security Settings" in your account. On the Security page, find the toggle button named "Secure your Account with 2FA." Enable the toggle to view available 2FA methods.
Step 2: Download and install the Google Authenticator App on your mobile phone. Click on "Set up Authentication" under the Google Authenticator tab in the Security Settings. Follow the instructions to set up Google Authenticator.
Step 3: Once verified, Google Authenticator will be enabled as your 2FA method.
Note:
If Google Authentication is removed, Email Authentication will be enabled by default if no other authentication method is configured.
Phone Number Authentication (For Indian mobile numbers only)
Prerequisite
This method will only function if the user has added a mobile number to their profile.
Steps to configure
Step 1: Click on "Set up Authentication" under the Phone Number Authentication tab in the Security Settings.The screen will display your registered mobile number in "view only" mode. If the phone number is blank, then kindly update your phone number first.
Step 2: Click on Save to complete the Phone number 2FA.
Step 3: Each time you log in, enter the 6-digit verification code sent to your registered mobile number after the Email ID and password step.
Note:
If Phone number authentication is removed, Email Authentication will be enabled by default if no other authentication method is configured.
How to configure User Level Two-Factor Authentication?
Steps to configure
Step 1: Log in to your user profile. Navigate to "Security Settings" in your account. On the Security page, find the toggle button named "Secure your Account with 2FA".
Step 2: Turn on the toggle to activate 2FA for added security.
Step 3: Set up the other 2FA methods at the user level as needed.
How to configure “Remember Me" in 2FA Functionality”?
Steps to configure
Step 1: Log in to your Meritto Account and enter the 2FA verification code sent to your registered email or phone.
Step 2: After entering the 2FA code, you'll see a screen with two options:
- Remember me: Skip 2FA for the next 7 days on this device.
- Ask for 2FA every time: Require 2FA on every login.
Step 3: Select "Remember me" to avoid entering the 2FA code for 7 days. Choose "Ask for 2FA every time" to ensure 2FA is required for every login.
Congratulations!! You have successfully enabled 2FA to enhance your security.