MIDAS KnowledgebaseMIDAS Knowledgebase

Two-Factor Authentication in MIDAS

Note: This article applies to MIDAS v4.10 or later

What is Two-Factor Authentication?

Two-Factor SecurityTraditionally, when you access a website/app/online service which requires you to "log in", all you need to provide is your username (or email address) and a password in order to authenticate your access.

Unfortunately, many people use the same credentials (username/password) over and over again for multiple websites/apps/online services. This means that if one of those services gets "hacked" and has a data breach and user's credentials are exposed, an attacker could potentially then access all other websites/apps/online services the user uses.

Two-factor authentication combats this, by employing a secondary means of authentication in addition to the traditional username/password combination in order to authenticate your access to the website/app/online service when you login. This means that even if your username/password were compromised, an attacker couldn't then use these on their own to gain access to your account.

Enabling/Disabling Two-Factor Authentication:

An administrator can enabled/disable Two-Factor Authentication via MIDAS Admin Options → Manage MIDAS → Security.

Enable two-factor authentication in MIDAS

IMPORTANT NOTES BEFORE ENABLING TWO-FACTOR AUTHENTICATION

Your MIDAS system will first need to be correctly configured to send email. You may find these settings via MIDAS Admin Options → Manage MIDAS → Email. It is strongly recommended that whenever making changes to the email settings within the software that you then send a "test" email from the system to yourself to ensure you're able to receive email from the system BEFORE enabling Two-Factor Authentication.

This option is disabled if Single Sign-On (Active Directory) support is enabled, or if no "Outgoing emails appear sent from" email address has been specified (MIDAS Admin Options → Manage MIDAS → Email)

IMPORTANT: If you enable Two-Factor Authentication for your MIDAS system yet the software has not been correctly configured to send email, users will not be able to receive Authorization Codes via email and will be unable to login.

Logging in when Two-Factor Authentication is enabled:

When Two-Factor authentication has been enabled for your MIDAS system, begin by logging in as normal by entering your email address and MIDAS password, and then clicking "Login":
MIDAS room booking and resource scheduling login screen

An Authorization Code will then be emailed to you, and you will be presented with the following screen:

Two-factor login authentication for MIDAS

Simply enter the Authorization Code provided in the email in the space provided and click "Login". If the code is valid, the login process will complete and you will be successfully logged in.

IMPORTANT NOTES FOR USERS

For Two-Factor Authentication in MIDAS to be an effective layer of additional security, you should ensure that the password you use to login to MIDAS is never the same as the password you use to access your own email account inbox. If these two passwords are currently the same, we strongly advise changing one or both.

You can change your MIDAS password at any time, once logged in, via the "Change Password" link near the top of the screen.

You might also be interested in...
» » »

← Return to Knowledgebase