Document toolboxDocument toolbox

Password

Owned by Juan Tomás Alonso Nieto (Unlicensed)
Nov 26, 2020
3 min read

This is the default authentication method for all users when you create a new domain. Users must enter their e-mail and password in the login screen to access their domains. 

If you disable this authentication method, you must enable at least another one (SAML or OpenID).

Multi-factor authentication

Multi-factor authentication (MFA) adds an extra layer of security on top of the standard e-mail and password authentication for logins to Devo domains.

Enable MFA for a domain

  1. Go to the Authentication tab in Preferences → Domain Preferences.
  2. If this method was not enabled, select the Active checkbox at the top-left of the form in the Password tab. Then, select the Active checkbox in the Multi-factor authentication (MFA) area below.
  3. Optionally, select Allow users to skip MFA Configuration if you want to make MFA optional for your domain users temporarily. This can be useful to facilitate the transition to the use of MFA during logins. Once a domain user has set up MFA, they will no longer be able to skip it when they log in to the domain.
  4. Click Update. From this point, when domain users log in, they will be prompted to set up MFA for their users. 

Log in using MFA

With MFA enabled, users will be prompted to set up this authentication method the first time they access the platform. To do so, they will need to download a token-generating app to their cellphones.  

This is the process for setting up MFA for the first time:

  1. Log in to Devo as usual with your username and password. The Multi-factor authentication process window opens. At this point, you should download one of the recommended apps to your cellphone, such as Google Authenticator. Then, click Start Process. This sends an e-mail containing a verification link to your inbox.

  2. Go to your inbox, open the verification e-mail, and click the link inside. This opens a page displaying a QR code.

  3. Open the app you downloaded and use it to scan the QR code, then click Continue. A 6-digit verification code will appear on your cellphone. 
  4. Enter the verification code. Select the Remember this device during 30 days if you want to skip the QR code validation step when logging in over the next 30 days. Select Validate and Access to finish the MFA login process.

Once MFA is set up on your device, in addition to logging in with your username and password, you will also be prompted to enter a verification code generated by the authentication app on your phone during the login process.