Skip to main content
knowledgecenter.avangate.com

Two-factor authentication

Overview

Two-factor authentication is method of computer access control that grants users access to their account after validating two criteria:

  • Knowledge, represented by a security aspect the user has knowledge of, such as the username and password.
  • Possession, represented by an item that only exists in the possession of that specific user, such as a smartphone, tablet, phone number or email address.

Through two-factor authentication, users can access the Avangate Control Panel using their username, password and a security token provided either by the Google Authenticator app or sent via email (associated with their Control Panel account).

Important: For security reasons, master account users can enable two-factor authentication for their own accounts only via Google Authenticator

Avangate allows you to manage user access to specific features by creating and assigning user roles. This extra layer of security enables you to restrict access to the Control Panel to specific users, based on unique tokens

Availability

All Avangate accounts.

Requirements

  • Two-factor authentication through Google Authenticator requires a compatible mobile device running Android 2.3.3 or newer, or iOS 7.0 or newer.
  • Two-factor authentication via email requires the user to have access to his or her email account.

Google Authenticator for Android

You can download the Google Authenticator app for Android here or by accessing Google Play Store from your Android device.

Google Authenticator for iOS

You can download the Google Authenticator app for iOS here or by accessing the App Store from your iOS device.

Two-factor authentication types

Avangate supports two types of two-factor authentication:

  • Two-factor authentication powered by Google Authenticator. Authentication codes are delivered through the Google Authenticator app for Android and iOS.
  • Two-factor authentication via emailParticular cases where users do not have access to their smartphones, such as environments that adhere to a "clean desk" policy, require authentication codes to be sent via email. In these situations, two-factor enrollment is done by the master account. Users enrolled by the master account cannot disable two-factor authentication on their own.

Two-factor authentication via Google Authenticator

Enable two-factor authentication

Follow the steps below to enable two-factor authentication for your account.

  1. Login to the Avangate Control Panel.
  2. Go to Account Settings.
  3. Click Edit login information.
  4. Go to the Two-factor authentication tab.
  5. Scan the QR code using your smart device or enter the Authentication secret in the Google Authenticator app. The app will provide an authentication code.
  6. Enter the authentication code in the dedicated field in the Avangate Control Panel.
  7. Click Activate.

From this point on, every login attempt will require an authentication code provided by Google Authenticator.

Disable two-factor authentication

Follow the steps below to disable two-factor authentication.

  1. Login to the Avangate Control Panel.
  2. Go to Account Settings.
  3. Click Edit login information.
  4. Go to the Two-factor authentication tab.
  5. Click Deactivate.

Two-factor authentication via email

Particular cases where users do not have access to their smartphones, such as environments that adhere to a "clean desk" policy, require authentication codes to be sent via email. In these situations, two-factor enrollment is done by the master account. Users enrolled by the master account cannot disable two-factor authentication on their own.

Follow the steps below to enable two-factor authentication via email.

  1. Login to the Avangate Control Panel with a master account.
  2. Go to Account Settings.
  3. Click Manage user access.
  4. Identify the user you wish to enable two-factor authentication for and click Edit.
  5. Check the Two-factor authentication by email option.
  6. Click Save.

Once you enable two-factor authentication for a user, Avangate notifies him/her about the change and sends an authentication code to their email address each time a login attempt is detected.