Guides
Next ReasonNext Reason CareersNext Identity Status

Two-Step Verification

Enhance your security with configurable two-factor authentication

Suggest Edits

Our Two-Factor Authentication (2FA) system, part of the Next Identity Journeys, offers users the flexibility to choose their preferred method for receiving verification codes: via email, SMS or authenticator app.

Dynamic 2FA Feature

The 2FA feature is dynamically linked to the user's verified details. If both a verified mobile number and email address are on file, they can choose their preferred 2FA method. The system defaults to the app's primary login method if no preference is set.

Verification Process

Upon registration and each subsequent login, users are sent a verification code to validate their identity. The method of delivery depends on their chosen registration method:

  • Users registered with their email will find the verification code in their inbox.
  • Those registered with their phone number will receive the code via SMS.

If there's a delay or issue in receiving the code during login, users can opt to have it resent. They can choose to receive the new code via either email or SMS, regardless of their initial registration method.

Authenticator App

For enhanced security and flexibility, users can opt to use an Authenticator App as their preferred 2FA method. The Authenticator App generates a time-based one-time password (TOTP) that users enter during the login process. This method is particularly beneficial for users who prefer not to rely on email or SMS, as it works offline and adds an extra layer of protection against phishing attacks. If users are unable to use the Authenticator App, the system automatically falls back to another configured method, such as SMS or email, ensuring seamless access. Learn more about the Authenticator App integration here.

Voice OTP

Voice OTP is another option available within our 2FA system, to be leveraged as a resend method. When SMS is selected as the 2FA method, after waiting for the required resend time, users can have the option to receive their verification code via a voice call. This feature is especially useful in scenarios where SMS delivery might be unreliable or when users prefer to hear their code. The voice call delivers the code in the user’s configured language, offering a personalized experience. Like other methods, Voice OTP can be set up as a fallback option to ensure that users always have access to their verification code, even if they cannot receive it via SMS. Learn more about Voice OTP.

Configuration Options

Two-step verification has the following configuration options:

  1. Required: Two-factor authentication is mandatory for end users and cannot be disabled.
  2. Optional: Users can choose to enable or disable two-factor authentication. Users can choose to enable or disable two-factor authentication.
  3. Disabled: Two-factor authentication is disabled.

2FA Dedicated Field for SMS

User can leverage an additional and dedicated mobile number for 2FA that can be shared amongst five different email accounts, providing flexibility for those who manage many applications within a federated group.

User Profile: Enabling 2-Step Verification

In the user profile section, users can activate the 2-Step Verification feature. Before activation, a verification code is sent to ensure the user's access to the registered email or mobile device.

If there's a delay or issue in receiving the code and a resend is requested, they will have the option to select their preferred delivery method again.

Updated 3 months ago