Note: This article applies to MIDAS v4.10 or later
What is Two-Factor Authentication?
Traditionally, when you access a website, app, or online service which requires you to "log in", all you typically need to provide is your username (or email address) and a password in order to authenticate your access.
Unfortunately, many people use the same credentials (username/password) over and over again across multiple websites/apps/online services. This means that if one of those services suffers a data breach and user credentials are exposed, an attacker could potentially then access all other websites/apps/online services the user uses.
Two-factor authentication (or 2FA) helps combat this, by employing a secondary means of authentication in addition to the traditional username/password combination in order to authenticate your access to the website/app/online service. This means that even if your username/password were to be compromised, an attacker couldn't then use these on their own to gain access to your account.
Enabling/Disabling Two-Factor Authentication:
An administrative user may enabled/disable Two-Factor Authentication in MIDAS via MIDAS Admin Options → Manage MIDAS → Security.
IMPORTANT NOTES BEFORE ENABLING TWO-FACTOR AUTHENTICATION
Your MIDAS system will first need to be correctly configured to send email. You may find these settings via MIDAS Admin Options → Manage MIDAS → Email. It is strongly recommended that whenever making changes to the email settings within the software that you then send a "test" email from the system to yourself to ensure you're able to receive email from the system BEFORE enabling Two-Factor Authentication.
This option is disabled if Single Sign-On (Active Directory) support is enabled, or if no "Outgoing emails appear sent from" email address has been specified (MIDAS Admin Options → Manage MIDAS → Email)
IMPORTANT: If you enable Two-Factor Authentication for your MIDAS system yet the software has not been correctly configured to send email, users will not be able to receive Authorization Codes via email and will be unable to login.
Logging in when Two-Factor Authentication is enabled:
When Two-Factor authentication has been enabled for your MIDAS system, begin by logging in as normal by entering your email address and MIDAS password, and then clicking "Login":
An Authorization Code will then be emailed to you, and you will be presented with a screen prompting for your Authorization Code:
Simply enter the Authorization Code provided in the email in the space provided and click "Login". If the code is valid, the login process will complete and you will be successfully logged in.
IMPORTANT NOTES FOR USERS
For Two-Factor Authentication in MIDAS to be an effective layer of additional security, you should ensure that the password you use to login to MIDAS is never the same as the password you use to access your own email account inbox. If these two passwords are currently the same, we strongly advise changing one or both.
You can change your MIDAS password at any time, once logged in, via the "Change Password" link near the top of the screen.
