Two Factor Authentication for Client Portal
Thursday, September 12, 2019
In an effort to improve security and protect access to your information and services with BaseHost, we have introduced Two Factor Authentication (2FA) for access to the BaseHost Client Portal.
What is Two-Factor Authentication (2FA)?
Two-factor authentication (or 2FA as it's sometimes referred to) adds an additional layer of security by adding a second step to your login. It takes something you know (ie. your password) and adds a second factor, typically something you have (such as your phone.) Since both are required to log in, even if an attacker has your password they can't access your account.
Why do you need it?
Passwords are increasingly easy to compromise. They can often be guessed or leaked, they usually don't change very often, and despite advice otherwise, many of us have favourite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account.
How it works?
There are many different options available. One of the most common and simplest to use is time based one-time passwords. With these, in addition to your regular username & password, you also have to enter a numerical code that changes every 30 seconds. Only your token device (typically a mobile smartphone) will know your secret key, and be able to generate valid one time passwords for your account. And so your account is far safer.
Which technology have we implemented?
We've elected to use Authy as our 2FA solution. Authy has a number of positives and is readily and easily accessible for most people to use and can be easily downloaded on your computer or mobile devices to generate your token. For customers that aren't comfortable with these technologies, the authentication process can be handled by SMS as an additional process.
Where to download the Authy software?
How do I enable 2FA for my BaseHost account?
If 2FA is not already setup in your account, the next time you login you will be prompted to set it up and if you accept, you will be guided through the process by our system.
If you have any questions or concerns regarding this change, please don't hesitate to raise a ticket to us in the client portal or you can email us at support@basehost.com.au