Versions Compared

Old Version 28

changes.mady.by.user Documenter

Saved on

compared with

New Version 29

changes.mady.by.user Documenter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Two-factor authentication (2FA) is mandatory for CMS logins. The user is required to enter their password and verify the login through a PIN (passcode) provided by from an authenticator app on their personal device. This two step procedure aims to ensure that the person logging into the CMS is the owner of that account.

...

Info

To use two-factor authentication, a User must have the following ready:

  • an authenticating device: this is usually a personal device the User has access to during the login process, e.g., their smartphone, 
  • an authenticator app installed on their authenticating device.

There are a number of free third party Authenticator apps available and free that Users can easily download to their personal devices. Some popular ones are Google Authenticator, Authy and Microsoft Authenticator.
NOTE - The authenticating procedure may vary slightly for different apps but they all involve first, scanning a QR Code or manually entering an entry key, and then obtaining the authentication PIN for login.  

...

Initial Authentication Setup

...

Globally Enforced

With two-factor authentication globally enabled, the User will be required to set up the two-factor authentication 2FA when they next attempt to login to CMS.

...

  1. At the CMS login screen, enter your Username and Password, then click Login

  2. Instead of being logged in, the Authentication popup displays. 
  3. Open the authenticator app on your authenticating device.

  4. Either scan the QR Code or type in the Manual Entry Key. NOTE - if the 'Manual Entry Key' option is used, ensure 'Time-Based' is selected if you are asked to select a 'Type of Key' option.

  5. The authenticator app generates a PIN that expires in a set amount of time. Enter this PIN in the Authentication popup.

  6. , Click Verify and Login. If the PIN is valid, access to CMS will be granted. 

...

  • A User can reset two-factor authentication for their CMS login. They must be logged into the CMS at the time.
    In the CMS, hover over the Image Removed icon on the top right corner of the screen.
    In the menu displayed, select Manage Account.
     Image Removed
  1. In the Manage Account screen, click the Two-Factor Authentication Setup button.  
    Image Removed
  2. In the Setup Two-Factor Authentication screen, you will see a generated 'Manual Entry Key' and a 'QR Code'. 
    Image Removed
    In your authenticating device, open the authenticator app and either scan the QR Code or type in the Manual Entry Key. NOTE - if the 'Manual Entry Key' option is used, ensure 'Time-Based' is selected if you are asked to select a 'Type of Key' option.
    The Authenticator app will generate a PIN. Enter this PIN in Verify Setup by Entering Authenticator App PIN.
    Click Verify and Save. If the PIN is valid, setup is successful and you will be logged into CMS. NOTE - A popup error message will display if the PIN is invalid.  

Subsequent Logins

  • Once a User has successfully reset set their 2FA, the authenticator app saves the account for CMS login. At the next login, the User simply opens the authenticator app in their device to obtain a valid PIN. This PIN is entered after the Username/Password step. 

 

Failed Logins

  • The User has five attempts at logging in. After the fifth failed attempt, they will be locked out for an hour.  

...

To change the CMS password,

  1. While logged into CMS, hover over the icon on the top right corner of the screen.

  2. In the menu displayed, select Manage Account.


  3. In the 'Change Password' panel, enter the Current/New Password details. 
     

  4. In Two-Factor Authentication Required, enter a valid PIN obtained from the authenticator app.

  5. Click Change Password.

...

2FA Resets

Reset by User

  • An authenticated User can reset and set up a new authentication when logged in CMS. To reset authentication, they just follow the steps for User Reset for 2FA. Once the procedure is completed, the new authentication will automatically replace the old one. 

...

If a User has lost access to their current authentication, e.g., they have lost their authenticating device or the authenticator app is not available, they can contact their CMS Administrator or Commerce Vision to ask for an account reset. Once the current authentication is cleared, the User can set  up another authentication. 

Anchor
UserSetup
UserSetup
User Reset of 2FA

  • A User can reset 2FA for their CMS login. They must be logged into the CMS at the time.
  1. In the CMS, hover over the Image Added icon on the top right corner of the screen.

  2. In the menu displayed, select Manage Account.
     Image Added

  3. In the Manage Account screen, click the Two-Factor Authentication Setup button.  
    Image Added
  4. In the Setup Two-Factor Authentication screen, you will see a generated 'Manual Entry Key' and a 'QR Code'. 
    Image Added

  5. In your authenticating device, open the authenticator app and either scan the QR Code or type in the Manual Entry Key. NOTE - if the 'Manual Entry Key' option is used, ensure 'Time-Based' is selected if you are asked to select a 'Type of Key' option.

  6. The Authenticator app will generate a PIN. Enter this PIN in Verify Setup by Entering Authenticator App PIN.

  7. Click Verify and Save. If the PIN is valid, setup is successful and you will be logged into CMS. NOTE - A popup error message will display if the PIN is invalid.  

Anchor
reset
reset
Reset two-factor authentication for a User

...