Overview
Two-factor authentication (2FA) is a two-step verification system that adds an additional layer of security to login details. It involves the traditional user email and password as well as a 6-digit number generated by an app that is common to the user and the authentication system.
Currently, 2FA is not mandatory at FundApps, and Single Sign-On (SSO) is the preferred setup over 2FA. However, if you would like to, FundApps can enable 2FA in each environment. Determining whether 2FA is required on your account depends on your organisation's needs.
Note: If Single Sign-On (SSO) is implemented, 2FA will be bypassed even if enabled within the FundApps environment. Most SSO providers will offer the option to implement 2FA within their portal, and customers are recommended to contact their Security team to allow it. If SSO is not implemented, 2FA can be used instead.
Setup
To set up 2FA, you will need a smartphone with an internet or Wi-Fi connection and an authenticator app.
Once enabled, any user can sign up to use 2FA on their account by following the steps below:
Download and install a suitable mobile application on your smartphone. There are a number of apps that you can use for this purpose, including Google Authenticator, Authy, Duo, HDE OTP, FreeOTP, Microsoft Authenticator, etc. We recommend Google Authenticator as a free and reliable solution.
Log in to FundApps with your user email/password.
Click on your profile menu in the upper-right-hand corner and select Preferences from the dropdown that appears.
Select Enable Two-Factor Authentication.
Click Save.
Next time you log in, a QR Code will be generated for you and displayed on the screen. Open Google Authenticator and click on the red + symbol. Select Scan a barcode and continue by placing the QR code within the red lines. A code will be generated for you as soon as this is picked up. Enter a valid (unexpired) code as-is into the allocated box and choose to Continue.
You will be redirected to your dashboard, and a caption will pop up to confirm your new settings.
Deactivation
You can deactivate 2FA by navigating to the Preferences screen:
Select Remove Two-Factor Authentication.
Click Save.
This will prompt the system to forget your details. If you decide to enable 2FA again in the future, you will have to go through the setup process once more.
FAQ
What happens if I lose my device (and change to a new device) or my account record is erased from the app I was using?
If you don't have any backup codes available, you can contact your system administrator. They can remove 2FA from your user settings by disabling Two-Factor Authentication under Admin and settings > User Management > Users. You should then log in using your user email and password, after which you will be prompted to set up 2FA again.
What happens if I type the authentication code wrong and get locked out?
A FundApps administrator can remove 2FA from your account. The user (rather than the admin) would also have to reset the password.