02 Sep

Secure your account with Two Factor Authentication

a metal gate securely locked with a padlockToday we’re rolling out a new feature on our Client Portal,  users now have the ability to enable Two Factor Authentication (or 2FA) to secure their PES client portal account.

The 2FA concept is to take the existing password authentication (something you know) and enhance it by adding in a second verification, in this case, a unique code generated by an app on your smartphone (something you have) that changes every 30 seconds.  In this way if your password itself should ever be compromised, the bad actor, not having access to the unique code being displayed on your phone, is unable to access your account.  While it does add a small amount of inconvenience (needing your phone in hand to log into things), it does serve to make your accounts much more secure in general.

For implementing 2FA you can use any standard TOTP based token generating app, such as Google Authenticator, Authy, Duo Mobile, Lastpass Authenticator, etc.  While we’re fans of Google Authenticator and Authy ourselves, as long as the app you choose uses the standard TOTP method, you’re good to go.

Once you have the mobile app in hand, enabling 2FA on your account is as simple as:

  • Log into the client portal with your username/password as normal.
  • Top right hand side, access the account menu by clicking on “Hello, Joe!” (assuming your name is Joe)
  • Select “Security Settings” from the drop down menu.
  • Under “Two Factor Authentication”, click the green “Click here to enable” button.
  • Select “Time Based Tokens”
  • Click “Get Started”

The system will then walk you through scanning your unique QR code with the app and verifying your application is working properly by asking you to verify by entering the newly generated code from your app.

Once you have completed that, your client portal account is now linked to that new account you just created in your mobile app.  In the future you will need to enter the code off your mobile app to when prompted to log into the client portal.