Setting up multi-factor authentication in PANTHEON
Multi-factor authentication (MFA) or Two-factor authentication (2FA) is an electronic authentication method in which a user is granted access to PANTHEON only after successfully presenting more pieces of evidence (or factors) to an authentication mechanism.
In this chapter, we will present a use case on how to successfully set up MFA and log in to PANTHEON with MFA Token.
The person responsible opens the Administration panel by selecting Settings | Program | Administration Panel from the menu. They open Settings | Company panel.
They enable the MFA by setting the vaildity of MFA Token in the MFA Token valid hours field. In our case they set validity to one (1) hour.
Next they set the length of the token, in our case 4, in the Token lenght field.
 |
Hint
The default value in MFA Token valid hours field is -1, which means that MFA is disabled. To enable it enter the number greater than 0.
For more information, see chapter General.
|
They continue by setting phone numbers for MFA Token for users.
They open the Subjects register by selecting Subjects | Subjects from the menu and find their company, in our case Tecta Plc.
In the Contacts section, they click on a user and enter the contact infromation.
- In the column Type, they select MFA SMS Authentication.
- In the column Phone / E-Mail / URL, they enter the user's phone number.
 |
Warning
If the MFA is enabled and the user does not have a phone number set up, then the login for that user will not be possible.
|
When MFA is enabled, a MFA Login window will open for all users after initial PANTHEON login.
To get a MFA token sent to their device, the user clicks on the Request New Token button. They will receive the token to their device shortly.
Then they enter the received token into the Token field and click on OK button to login in to PANTHEON.
|
Warning
User can request multiple tokens.
If the user's phone number is not set up, the Phone field in the MFA login form will be empty and the login will not be possible.
|