How does TinyMDM’s two-step authentication work?
TinyMDM’s two-step authentication is a security method that requires two separate forms of identification to access your console.
The main type of identification remains your email and password, but it is reinforced by a second authentication with the Google Authenticator application. This second type of identification adds an extra layer of security. If two-step authentication is enabled, managers will need to use this information every time they log in.
Prerequisite: download the Google Authenticator application
A. Step 1: Enable two-step authentication from the console
In order to activate two-step authentication from the console, you need to go to the My Account tab in the console and click on “Enable two-step authentication“. You will then need to set up your secret question and then scan the QR Code that will appear on your screen, using the Google Authenticator application.
From the Managers and Structure tab of the console, it is possible to enable two-step authentication for the managers. Simply select the managers and click on “Enable two-step authentication for selected managers” as shown in the screenshot below.
On his next connection with his manager address and password, the manager will see a pop-up asking him to install Google Authenticator on his device if it is not already installed as well as to scan the QR code which will appear, from the application.
B. Step 2: Login to the console using the Google Authenticator code
When you log in, after you have entered your password, you will be asked for the authentication code. Just go to your Google Authenticator application and enter the 6-digit code that appears. You will then have access to the administration console. Be careful, the code is regenerated every 30 seconds.
If you want to disable two-step authentication on your main account, just go back to the My Account tab and disable it. Same thing for managers, just go to the Managers and Structure tab and disable the manager’s one of your choice.
C. What happens if I forget my password?
If you have forgotten your password, you must click on “Lost password?” (see screenshot below). Then, you just need to request a password change by entering your email address. An email will then be sent to you with a link to change your password.
D. What happens if I don’t have access to my code?
If you do not have access to your code as a manager, you will need to contact the main account administrator. He will need to disable and re-enable dual authentication for your manager account.
If you do not have access to your code as the main administrator, you will need to click on “Lost Code ?” on the pop-up that will appear (see screenshot below). You will then be asked to enter your email address and an email will be sent to you with a link for you to click on. All you have to do is answer your secret question.