Increase Security with Multi-factor Authentication

Upon your initial sign-in to an account using a new device or application, the MFA process requires more than just your standard login credentials. The typical routine involves entering your username and password, followed by the introduction of a second authentication element, called the "second factor."

How does multifactor authentication work? 

The first time you sign in on a device or app, you enter your username and password as usual, then you get prompted to enter your second factor to verify your identity. For instance, alongside your password, users may be prompted to input a unique code delivered through their Authenticator App or via Text Message (SMS). 

Incorporating MFA into your security practices, you add an extra layer of protection, making it more challenging for unauthorized entities to breach your accounts.

How to customize multifactor authentication for my organization?

With the security features offered by KODE Labs, you have the power to customize the multifactor authentication (MFA) process to align seamlessly with your organization's unique needs. Safeguarding logins has never been more customizable or user-friendly.

Enabling and customizing MFA adds an extra layer of security by requiring users to provide a second form of identification.

To start this journey of customization, simply follow these straightforward steps to access the MFA management panel within Launchpad:

• Go to Launchpad.

• Select “Company” at the bottom of the main left bar.

• Go to the “Authentication & Security” tab.

• You will be prompted to the “MFA” page from where you can customize the MFA to suit your organization’s needs.
  
  

• Choose whether to enforce MFA for all users or grant them the flexibility to decide for themselves.

• This excludes users that use SSO for authentication.

• Choose available MFA frequency options for your organization. You can choose how often users are prompted for MFA during login.

Password Customization Settings

Customizable password settings contribute to system security. Enforcing strong password policies, such as length requirements, character diversity, and regular password changes, reduces the possibility of unauthorized access.

Within this section, you have the flexibility to specify the rules that should be followed for password generation, whether it's for user account creation or password reset.

To customize the password policy, follow these steps:

• Go to Launchpad.

• Select “Company” at the bottom of the main left bar.

• Go to the “Authentication & Security” tab.

• Select the “Password” tab.

Password page helps you to secure your environment by giving you control over password details such as lifetime of password, the frequency of changing the password and what a password contains.

• Password Complexity is a measure of how difficult a password is to guess.

• There are 2 predefined password complexities.

• Medium

• High

• You can customize your password complexity as well, by defining weather the password should include:

• Uppercase letters (A through Z).

• Base 10 digits (0 through 9).

• Non-alphanumeric characters (special characters).

• Non consecutive characters

• Lockout Settings - are designed to temporarily restrict access to a user account after a specified number of unsuccessful login attempts.

• Retries before lockout: You can set a threshold for the maximum number of unsuccessful login attempts allowed before an account is locked out.

Example: You can customize this setting to allow, for instance, five unsuccessful login attempts  before the account enters a locked state.

• Lockout Time and Unit: Once the specified threshold is reached, you can define a time period during which the account remains inaccessible. 

Example: You can configure the lockout time to be 1 hour, during which the account will remain locked, while still allowing legitimate users to regain access promptly after the specified duration.

Password configs

• Password history - refers to the practice of keeping a record of previously used passwords for user accounts. The purpose of keeping password history is to prevent users from reusing the same passwords, which can increase security by minimizing the risk of compromised accounts.

• Password Expiry Time - Password expiry time is the duration after which a user is required to change their password.

Timeout Settings

You can set session and idle timeout values based on the specific needs for your application.

Set an idle and/or session timeout, by following these steps:

• Go to Launchpad.

• Select “Company” at the bottom of the main left bar.

• Go to the “Authentication & Security” tab.

• Select the “Timeout Settings” tab.

Session Timeout - represents the duration a user's session remains active after they log in. When this predefined period goes past without any user activity, the system automatically logs the user out to increase security and protect sensitive information.

Idle timeout - is a subset of session timeout, focusing on the period of user inactivity within an active session. If no user activity occurs during this designated timeframe, the system initiates a logout process.

FAQ

Multi-Factor Authentication (MFA) Use Cases

Password Policy Use Cases

Session Timeout Settings Use Cases