search shadow

Menu

Articles in this section

Enforcing two-factor authentication Follow

Avatar
Yulia Ivanova
  • Updated

License administrators can enforce two-factor authentication to Revizto.

Supported two-factor authentication types

Revizto supports the following two-factor authentication types:

  • Authenticator app. Security codes are generated in the app. The following apps are supported:
    • 1Password
    • 2FAS
    • Duo Mobile
    • FreeOTP
    • Google Authenticator
    • LastPass
    • Microsoft Authenticator
    • Okta Verify
    • Authy
  • Email. Security codes are sent by email.

Enforcing two-factor authentication for users with "Revizto login" authentication

Two-factor authentication is tied to an authentication method. If you enforce two-factor authentication for a Revizto login method, the following rules apply to the users that have this method:

  • Users that already have two-factor authentication stay signed in.
  • Users that don’t have two-factor authentication are required to set up two-factor authentication next time they attempt to access the license or its projects in the Revizto application or at Revizto Workspace.
  • All users cannot turn off two-factor authentication.

To enforce 2-factor authentication for an authentication method of "Revizto login" type:

  1. Open the authentication method for editing.

    See Editing authentication method parameters.

  2. Select the Enforce two-factor authentication for all users that use this authentication method checkbox, and then click Save.

    2fa.png

Enforcing two-factor authentication for users with SSO authentication

To enforce two-factor authentication for users with SSO authentication, refer to the identity provider documentation.

Best practices

If you are planning to enforce two-factor authentication, we recommend that you inform your users in advance, giving them time to configure two-factor authentication for their Revizto accounts. You can send a bulk email to these users from Revizto Workspace.

If any of the users don’t configure two-factor authentication in advance, once you enforce two-factor authentication, they will be prompted to configure it next time they attempt to access the license or its projects in the Revizto application or at Revizto Workspace.

To send a bulk email to users that must enable two-factor authentication:

  1. Determine the authentication method to enforce two-factor authentication.

    This method must have the "Revizto login" type.

  2. Open the list of license members and filter them by the authentication method.

  3. Select all listed users and send them an email with the request to enable two-factor authentication.

    For the instruction on configuring two-factor authentication, refer to Editing security settings.

Related articles