Two-factor authentication is an additional layer of Usedesk's security, which ensures that only you can access your account, even if someone else knows your password.
User identification can be implemented in two ways:
1. Google Authenticator
After successfully entering the username and password, this method of identification allows the system to open a page for confirmation through the «Google Authenticator».
Important! The employee must have downloaded the Google Authenticator app.
To do this, you need to go to the AppStore or PlayMarket and download the Google Authenticator app.
You need to add your account in the application — scan the QR code through the Google Authenticator application. On the authorization page https://secure.usedesk.com/login/google-auth-code, we will show the employee this QR code (the code will be available until you activate the code in the application).
As soon as the employee adds his account in the Google Authenticator application, on the authorization page, https://secure.usedesk.com/login/google-auth-code will display a field in which you need to enter the code from the application (without a space).
To configure this method of identification, you need to go to the «Settings» ⟶ «Security» ⟶ , select «Google Authenticator» and click «Save».
At the same time, all users will be deauthorized («thrown out of the account»). Deauthorization occurs only the first time you enable authentication. If you then turn off and turn on the setting, then users will no longer have deauthorization.
If necessary, (for example, when a user changed a device and needs to link the account to Google Authenticator again), the company’s administrator can reset any user`s device in Usedesk.
After the reset, when authorizing, a user can rescan QR code in the application Google Authenticator.
2. SMS Authenticator
This authentication method is not available by default. To use this functionality, write to us at email@example.com. The function is paid.
After our support activates the button, you can select SMS Authenticator and click «Save».
Important! The field «Phone» must be filled in the employee card.
With this type of verification, the system will check all users for a phone number confirmation element. If a phone number is filled in the employee's card, a notification about the confirmation of the number will pop up.
If the employee clicks on the «confirm now» button, a window pops up to confirm the phone.
It is required to enter the code from the SMS. The counter for entering the code is set to 30 sec. Each time you try to Send Again, the counter is incremented by 30 seconds.
After entering the correct code, you need to click «Confirm Phone».
The field «Phone» in the profile will be deactivated for the employee (it cannot be edited), and there will be a green checkmark «Confirmed» in front of the field.
By clicking on it, the employee will be able to unpin his phone number.
An employee with the «Support Agent» and «Internal Employee» rights can only attach and unpin OWN phone number in the agent profile.
An employee with «Admin» rights can attach and detach any phone number in the agent's profile and in the agent's editing card. At the same time, this employee confirms his number via SMS.
On the login page:
1. If the employee doesn't confirm the system's phone number, he will have to contact the employee with «Administrator» rights. After he enters the username and password, a two-factor authentication page will open with the information «Contact the administrator».
A user with administrator rights, in this case, can go to the employee's card and confirm the phone number by clicking on the gray checkmark opposite the «Phone» field.
The checkmark will change color, and an information tip will fly out.
2. If the employee confirms the phone number in the system, then, after successfully filling in the «log in and password» fields, a page with two-factor authentication with an additional field for the SMS code will open.
If you just want to deauthorize users, then click on the «Deauthorize» button — the system will deauthorize all users except the current one and add an information message «Users have been successfully deauthorized».