Two-factor authentication (2FA)

Two-factor authentication (2FA) is a layer of additional security you can add to your Halaxy account. Enabling two-factor authentication in Halaxy is extremely easy and helps secure your account.

Two-factor authentication combines something you know (your password) with something you have (such as your mobile phone, email account or Google Authenticator). This means that even if someone manages to guess your password, they will be unable to log in to your Halaxy account unless they also have access to your personal authentication method.

Halaxy offers three ways to receive two-factor authentication verification codes: email (free), Google Authenticator (free), and SMS (currently free).

Note

In accordance with Australian Tax Office security requirements, two-factor authentication is mandatory for all users in a practice group where someone has connected their Halaxy to Xero.

Two-factor authentication for practice groups

Full Access users can make two-factor authentication mandatory or optional for all users, as well as prompt users to enable 2FA on their next login. They can also optionally mandate a method of two-factor authentication (SMS, Email or Google Authenticator).

If someone in one of your groups has connected their Halaxy to Xero, two-factor authentication is automatically set to Mandatory and cannot be disabled.

To edit two-factor authentication settings for your practice group:

  1. Click Settings > Users.

  2. In the top-right corner of the practice group, click Edit Two-Factor Authentication Settings.

  3. The Two Factor Preference Settings pop-up for your practice group appears. Select a two-factor authentication setting for users in your practice group:

    • Mandatory: Users are required to set up two-factor authentication on their next login.

    • Prompt on login: Users are asked to optionally enable two-factor authentication on their next login.

    • Optional: Users can enable or disable two-factor authentication at their own discretion.

  4. In the drop-down menu, select whether you wish to mandate a method of two-factor authentication (email, Google Authenticator, or SMS) or allow users to choose their preferred method.

RESULT: If you made two-factor authentication mandatory, users must set up two-factor authentication the next time they log in. If you selected "Prompt on login", users in your group are prompted to enable two-factor authentication on their next login but can choose not to do so. If you selected Optional, users can set up two-factor authentication on the Settings > Users page at their own discretion.

Two-factor authentication for individuals

Enabling or disabling two-factor authentication for individuals is extremely easy. All you need to do is:

  1. Click Settings > Users.

  2. Click the cogwheel icon to the right of the user you want to enable two-factor authentication for.

  3. Select your authentication method:

    • None: Disables two-factor authentication for this user. The user can re-enable it any time.

    • SMS: Enter the mobile phone number you want to use to receive verification codes, then click Validate. Whenever you log in to Halaxy, you will be sent an authentication code via SMS. After entering your password, you will be prompted to enter this code in order to access your account.

    • Email: Enter the email address you want to use to receive verification codes, then click Validate. Whenever you log in to Halaxy, you will be sent an authentication code via email. After entering your password, you will be prompted to enter this code in order to access your account.

    • Google Authenticator: Scan the displayed QR code using your Google Authenticator app, then click Validate. This will create an entry for Halaxy in your Google Authenticator app. Whenever you log in to Halaxy, after you enter your password you will be prompted to enter the authentication code that appears in your Google Authenticator app in order to access your account.

Note

If two-factor authentication is mandatory for any of your practice groups, you cannot disable two-factor authentication. If you are in only one practice group and that group mandates a particular authentication method, you can only select that method.

Trusting a device for 30 days

After entering your verification code, you can choose to "Trust this device for 30 days". If you tick this checkbox, you will not be asked for a verification code to log in for the next 30 days as long as you use the same device to log in.
