Added Two Factor Authentication
by Mandy Carpenter
Mandy Carpenter No Comments
Generate PDF

Two factor authentication has been added in version 1.21.10

With regards to compliance with GDPR and the Protection of Personal Information Act (4 of 2013), HeroTill can be setup in such a way to prevent personal information from being lost, changed or stolen.

The identity of admin staff using HeroTill can be ensured using two-factor authentication, controlling who has access to customer information on the system.

The customer portal does not have two factor authentication.

How to enable this feature

Go to Setup –> Admin Users –> Edit User –> 2FA tab

Set the value for “Two Factor Authentication Enabled” to Yes.

Choose authentication type and save changes.

The authenticator app method needs verification before saving changes.

This needs to be enabled on each admin user that needs to log in using two factor authentication.

How does the login change?

Step 1

Sign in as normal with your username/email and password:

sign in with username or email and password

Step 2

After signing in with your password you will see a screen to complete your login with two factor authentication.

Step 2 of the 2 factor authentication is to type in a code received via SMS, Email or Authenticator App.

Of the three verification methods available, you only need to choose one to sign into the system successfully.

 

  • SMS verification code

One of the verification methods is to receive your verification code via SMS.

sms auth

By clicking on “Send Verification Code via SMS”, an SMS will be sent to the mobile number on your system user account.

Enter the code that you received in the SMS in the “Verification Code” field.

Code via SMS example:

sms code

 

  • Email verification code

The second verification method is to receive your verification code via email.

email auth

By clicking on “Send Verification Code via Email”, an email will be sent to the email address on your system user account.

Enter the code that you received in the email in the “Verification Code” field.

Code via email example:

email with code

 

 

  • Authenticator verification code

The third verification method is to receive your verification code via an authenticator mobile application.

The Authenticator App uses the Google API, so either the Google Authenticator App or any third party compliant 2FA app like Authy can be used to generate 2FA codes.

authenticator

For this method to work, the Authenticator App needs to be set up on the user’s account.

Download one of the following apps on your mobile: Authy or Google Authenticator

Go to Setup –> Admin Users –> Edit User –> 2FA tab

After downloading one of the apps, you can scan the QR code or manually enter the authentication code to verify your app with your HeroTill account.

Enter the verification code on the 2FA to verify.

Now you will be able to complete log in with the Authenticator method:

authenticator method

The Authenticator apps will generate new codes every few seconds.

Enter the code that you see in the Authenticator app in the “Verification Code” field.

 

Screenshot from Authy app:

 

Screenshot from Google Authenticator app:

 

Note:

Only if the verification code is matched, the user will be allowed into the system.

You are able to switch between authentication modes on each sign in.

Note that the 2FA authentication request will expire after 15 minutes. The user will have to restart the login process if this happens.