Skip to main content
Submit a Ticket

How can we help?

How to Setup and Activate Two-Factor Authentication (2FA) in RMS.

How to Setup and Activate Two-Factor Authentication (2FA) in RMS.  

 

Overview

Two-factor Authentication requires all Users to provide a second method of identity verification when they log into RMS using their username and password. 

This additional layer of security on login makes it difficult for any unauthorised individual to access RMS even if they obtain a user's login credentials.

Two-Factor Authentication may also be referred to as Multi-Factor Authentication or 2FA.

Activating Two-Factor Authentication will require all Users to connect their RMS User to their chosen authenticator application and enter the verification code to gain access to RMS.

Users with a mobile number or email address stored on their RMS User Profile can receive the verification code using this method instead.

★ Tip: For maximum security, Two Factor Authentication cannot be disabled once activated.
✎ Note: If experiencing issues with your authenticator, consider using Authy or Email Verification for Two Factor Authentication.

 

Setup Checklist

Two-Factor Authentication will change the login requirements for all Users accessing RMS.

Ensure to complete each step before continuing through the setup process for optimal results.

Step 1 - RMS Users

Complete a User Review to audit the current active Users in RMS.

Each staff member requiring access to RMS should be setup as an individual User with their own contact information and a complex password.

Regularly reviewing the active Users in RMS ensures that former employees or unauthorised Users are not able to access the RMS database.

Any User who should not have access to RMS should be set as an Inactive User.

Setting a User to 'Inactive' maintains the audit trails throughout RMS for any actions that the User may have performed.

✎ Before Continuing: Complete the User review before continuing.

 

Step 2 - Two Factor Administrators

Two Factor Administrators are Users in RMS with Security Profile access to generate backup verification codes for other Users.
It is recommended to have at least one Two Factor Administrator that Users can easily contact in the event they are unable to use their authentication device for any reason.

★ Tip: Users nominated as the Two Factor Administrators will require Security Profile access to Two Factor Administration and User Profiles.
✎ Before Continuing: Setup at least one Two Factor Administrator before continuing.

 

Step 3 - Password Policy

The Password Policy setup in RMS determines the level of complexity a User's password must have.
Setup options include the minimum number and type of characters used, how frequently User passwords expire, and the maximum number of attempts a User can make on login.
It is important to include guidelines for users on creating strong User passwords.
All Users will be prompted to change their passwords once the Password Policy has been updated.

★ Tip: Strengthen passwords by not using personal information such as names, dates or favourite things. Keep passwords safe by not writing them down or sharing them with other people. Protect all accounts by not using the same password for multiple applications.
✎ Before Continuing: Update the Password Policy in RMS before continuing.

 

Step 4 - Authenticator Application

Authenticator applications provide individuals with a secure method of retrieving identity verification codes that can be used anywhere Two Factor Authentication is enabled.

All Users will require an authenticator application installed on their mobile device or a private email address to receive the verification codes that will be used to log into RMS.

★ Tip: Sharing the device or email used to receive verification codes creates the same vulnerabilities as sharing a Username and password.
✎ Before Continuing: Ensure all Users have an email address or install an authenticator application before continuing.

 

Step 5 - Activation

Activating Two Factor Authentication in RMS will require all Users to connect their RMS User to their chosen authenticator application or enter an email verification code the next time they log in.

A recovery mobile number can be setup when activating Two Factor Authentication to receive any generated backup codes in the event a User is unable to access the device used for their verification codes.

⚠ Warning: Activating Two Factor Authentication without reviewing the Users that can access your RMS database could enable unauthorised persons with existing User credentials to continue accessing RMS.
✎ Before Continuing: Ensure Steps 1-4 in this guide are completed before continuing.

Guide

In the side menu of RMS, go to Setup > Security.

  1. Navigate to the 'Two Factor Authentication' tab.
  2. Select the checkbox 'Enforce Two Factor Authentication for All Users'.
  3. Enter a Recovery Mobile Phone Number.
  4. Enter a Recovery Email.
  5. Select Save.
    Screenshot of the RMS User Settings security page showing the Two Factor Authentication option with a checkbox or toggle used to enable two-factor authentication for the user account.

 

Step 6 - Connect

The first time a User logs into RMS after two-factor authentication has been activated, they will need to connect their chosen authenticator application to their RMS user.
Users who have not updated their password and are currently absent should be temporarily set to 'Inactive' to prevent unauthorised persons from obtaining and using their credentials to configure Two Factor Authentication during the user's absence.

Guide

  1. Login to RMS.
  2. Open the Authenticator Application.
  3. Scan the QR Code and complete the application setup.
  4. Enter the Verification Code.
  5. Select Login.
    Screenshot of the Two Factor Authentication configuration screen in RMS showing options to select the verification method and enter contact details used to receive authentication codes.

This User will now be connected to the authenticator application and can enter the code provided in the connected app when prompted on login to RMS.

★ Tip: Users who do not share a computer with any other staff may choose to set the device as a 'Trusted Device' for 30 days when logging in using Two Factor Authentication.
✎ Please Note: Verification codes are unique to each RMS user and each Property within the RMS database. Users with access to multiple Properties will see a verification code entry for each Property in RMS once they have connected their Authenticator app of choice to their RMS User.

 

 

Related to:

Was this article helpful?

We're sorry to hear this article was not helpful, please let us know why here, so we can make it better.

Thanks for the positive feedback! We'd love to hear more, let us know here.

Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.

Contact us