Two Factor Authentication: Implementation Checklist
The following sections provide details you can use to ensure that the system is configured properly for using the two-factor authentication functionality, and to understand (and change, if needed) the settings that affect the processing workflow.
Mandatory Configuration
We recommend that before you initially activate two-factor authentication for the users of your system, you make sure the needed feature has been enabled.
| Form | Criteria to Check |
|---|---|
| Enable/Disable Features (CS100000) | The Two-Factor Authentication feature has been enabled. |
Recommended Configuration for Authentication by Using the Advanced OnTheGo Mobile App
The settings listed in the following table should be specified if you want to activate authentication by using the Advanced OnTheGo mobile app.
| Form | Criteria to Check |
|---|---|
| Activate License (SM201510) | A valid license has been activated for the instance. If a license has not been activated, two-factor authentication by push notifications cannot be used. For more details, see Preparing an Instance: To Enable Features and Activate the License. |
| Web Server IIS |
The MYOB Advanced instance has been deployed by using the HTTPS protocol; otherwise, two-factor authentication by push notifications cannot be used. For details, see Setting Up an HTTPS Service in Web Server (IIS). |
| A mobile device of a user | The Advanced OnTheGo app has been installed and push notifications have been allowed for the app. |
Recommended Configuration for Delivering Access Codes by Email
The settings listed in the following table can be specified to set up the delivery of access codes by email.
| Form | Criteria to Check |
|---|---|
| System Email Accounts (SM204002) | A system email account has been configured as described in Configuring Email Accounts. |
| Send and Receive Email (SM507010) | All the necessary actions for sending and receiving emails by using a schedule have been performed. For details, see To Create a Send and Receive Email Schedule. |
| Users (SM201010) | Make sure that all users have email addresses specified on this form. |
| Security Preferences (SM201060) | The Allow Email check box is selected under the Two-Factor Authentication Policy section. |
Recommended Configuration for Delivering Access Codes by SMS
The settings listed in the following table should be specified to configure the delivery of access codes by short message service (SMS).
| Form | Criteria to Check |
|---|---|
| SMS Providers (SM203535) | An SMS provider (Twillio or Amazon SMS) has been configured. |
| User Profile (SM203010) | Make sure that all users have phone numbers specified on this form. |
| Security Preferences (SM201060) | The Allow SMS check box is selected under the Two-Factor Authentication Policy section. |
Validation of Configuration
To make sure that all configuration has been performed correctly, we recommend that in your system, you perform instructions similar to those described in Two-Factor Authentication: Implementation Activity.