Two-Factor Authentication

CINNOX lets you set up two-factor authentication (2FA), which will require you to verify your identity further using a code generated by an authentication app after you type in your username and password when logging in to your CINNOX service. This added security layer helps keep your CINNOX account credentials safe, even if your password gets compromised.

 

This guide provides steps to configure and manage the following:

 

Service-Level 2FA

You can set up 2FA at the service level, which will require all Staff members to set it up in their accounts. If a Staff member fails to configure 2FA on their account before the service-level authentication has been enforced, they will be automatically logged out of the service so they can set up 2FA.

📘

The staff member with administration access can enable or disable service-level 2FA.

 

Enabling Service-Level 2FA

To enable service-level 2FA:

  • From the navigation menu, go to Administration > Security > Service Authentication, then click on Edit beside Two-Factor Authentication.
  • Toggle the button ON then click on Save.
  • On the pop-up window that will appear, type in your password then click on Confirm.
  • On the Service Level 2FA setup wizard that will appear, click on Next.
  • Type in your custom message on the text box provided. This message will be included in the system-generated message that will be sent to Staff members. The custom message should be no longer than 200 characters.
  • Click on Activate Two-Factor Authentication.

Once the service-level 2FA is activated, Staff members will receive the system-generated message in their email, as well as in their Dashboard or App through a CINNOXBot message.

Sample CINNOXBot messageSample CINNOXBot message

Sample CINNOXBot message

 

Disabling Service-Level 2FA

To disable service-level 2FA:

  • From the navigation menu, go to Administration > Security > Service Authentication, then click on Edit beside Two-Factor Authentication.
  • Toggle the button OFF then click on Save.

 

Staff-Level 2FA

Whether or not a Staff administrator activates the service-level 2FA, you can still take advantage of this security feature on your own.

 

Enabling 2FA

Before enabling 2FA in your CINNOX account, make sure you install any of the following third-party authentication apps on your mobile device first:

  • Google Authenticator
  • Microsoft Authenticator

To enable 2FA:

  • From the navigation menu, go to My Account > Authentication, then toggle the Staff Two-Factor Authentication button ON.
  • On the pop-window that will appear, click on Next.
  • Scan the QR code displayed on your screen using the authentication app installed on your mobile device, then click on Next.
    • If you are having issues scanning the QR code, click on Are you having trouble scanning the QR code? and follow the instructions on how to generate the verification code manually.
  • Type in the six-digit verification code generated by your authentication app then click on Verify and Activate.
  • Save a copy of your backup codes, e.g., by clicking on Print, then click on OK.

 

Cannot find the code?

If you are having trouble finding or accessing the six-digit code in your authentication app, you may use one of your 2FA backup codes to log in.

 

2FA Backup Codes

When you enable 2FA, CINNOX automatically generates ten backup codes that you can use to verify your account when your mobile device and authentication app is not available. We recommend that you save a copy of these codes and keep them in a safe place.

2FA Backup Codes2FA Backup Codes

2FA Backup Codes

📘

Note:

You can only use a backup code once.

To view your backup codes:

  • From the navigation menu, go to My Account > Authentication.
  • Under Staff Two-Factor Authentication, click on 2FA Backup Codes.

 

Disabling 2FA

To disable 2FA:

  • From the navigation menu, go to My Account > Authentication, then toggle the Staff Two-Factor Authentication** button OFF.

📘

Reminder

You cannot disable 2FA if it has set it up as a required service-level authentication.


Did this page help you?