Setting up multi-factor authentication in PANTHEON 

Multi-factor authentication (MFA) or Two-factor authentication (2FA) is an electronic authentication method in which a user is granted access to PANTHEON only after successfully presenting more pieces of evidence (or factors) to an authentication mechanism.

Warning Tokens can be sent to users only if eMessaging service is activated and a sufficient quantity of messages is available in the package. You can order eMessaging service on our User Site. Additional information about the service can be found on the Datalab website.

Hint To see a use case on how to log in to PANTHEON using MFA, read the chapter Logging into PANTHEON using multi-factor authentication.

In this chapter, we will present a use case on how to successfully set up MFA in PANTHEON.

Case summary The administrator wants to set a Multi-factor authentication for all users in PANTHEON. They must enable MFA in Administration panel and set user's contact infromartion. They do this by following these steps. Enabling MFA Setting up phone number for MFA token

1. Enabling MFA

The person responsible opens the Administration panel by selecting  Settings | Program | Administration Panel from the menu. They open Settings | Company panel.

They enable the MFA by setting the vaildity of MFA Token in the MFA Token valid hours field. In our case they set validity to one (1) hour.

Next they set the length of the token, in our case 4, in the Token lenght field.

Hint The default value in MFA Token valid hours field is -1, which means that MFA is disabled. To enable it enter the number greater than 0. For more information, see chapter General.

They continue by setting phone numbers for MFA Token for users.

2. Setting up phone number for MFA Token

They open the Subjects register by selecting Subjects | Subjects from the menu and find their company, in our case Tecta Plc.

Hint You can access user's contact info by double-clicking on the Contact/Clerk field of a user in Users and Groups | Users | User panel in Administration panel.

In the Contacts section, they click on a user and enter the contact infromation.

• In the column Type, they select MFA SMS Authentication.
• In the column Phone / E-Mail / URL, they enter the user's phone number.

Warning If the MFA is enabled and the user does not have a phone number set up, then the login for that user will not be possible.