Two-factor (2FA) or multi-factor (MFA) authentication is an additional layer of security that helps to address the vulnerabilities of a standard password-only authentication process.
Why do you need an additional layer of security ?
In today's online ecosystem, a 'username and password' approach to security is relatively easy for cybercriminals to bypass.
2FA (also known as two-factor authentication, or multi-factor authentication) supplements the username and password combination with an additional 6-digit numeric code that must be provided when logging in. This code is generated on your mobile device, which only you have access too.
This authentication method can be easily summed up as a combination of 'something you have and something you know'.
By adding this additional step, your data is significantly more secure and the risk of a cybercriminal gaining access to your data is minimized.
We take the security of your data very seriously, and if we detect that the nature of your access to data requires this additional layer of security, we will require that you configure 2FA the next time you log in to the Cognician platform. This will happen automatically.
Configuring 2FA for the first time
When you log in to the Cognician platform you will be asked for your username (email address) and password as normal.
After you have provided the correct login information, a QR code (a bar-coded image) will be displayed as shown below.
This QR code is designed to be scanned by a special application on your mobile device known as an Authenticator Application. Once it has been scanned, this application will start generating 6-digit codes which you'll need to provide every time you log in.
Once you have installed this application, you are ready to scan the QR code using these steps:
- Tap Begin or Scan a Barcode from within the Authenticator Application on your device.
- Your device will activate its camera to enable you to scan the QR code displayed on the Cognician website (as shown above).
- Point your device camera at the QR code to scan it.
- The Authenticator Application on your device will vibrate to indicate that it has scanned the QR code successfully and it will start to generate your 6-digit OTP (One-Time Pin) codes.
The image above shows a device that has scanned multiple QR codes for different websites. Your device might have only one entry from the QR code you just scanned on the Cognician website.
The circle next to the code indicates how much time the currently displayed QR code is valid before it expires. QR codes expire every 30 seconds and a new one is generated. After a QR code expires, it is no longer valid and will not work if you try to use it when asked for a code on the Cognician website.
Enter the code in the field provided on the Cognician website and you have successfully configured your 2FA. Congratulations! You will need to provide the currently displayed code from within the Authenticator Application every time you log in to the Cognician platform from now on.
NB: You will not be prompted to scan the QR code again once you've set this up for the first time. The QR code is displayed only as part of the 2FA onboarding process. On subsequent logins you will be asked for a code only.