set up 2FA for others

Hey @eddiebouncer,

They’ll need to scan the 2FA QR code themselves as the code/token is assigned specifically to the device used to scan it.

You can select Require 2FA for all administrators to enforce Two-Factor for the admins. When they initially log in it will walk them through the steps to enable it.

You can defer the timeframe needed for them to activate it. However, once that time expires the process will be the same. So this is a personal preference if you’d like to give them a little time to set it up versus immediately with their next login.

Please let me know if you have any other questions.

Thanks,

Gerroald

Hi @wfgerald,

Thanks for the fast reply. I tried the following to test:
– create test-admin
– enable ‘Require 2FA for all administrators’
– try to log in with this test-admin (in different browser)

Then it gives the Error: invalid username or password.

How would a new admin reach the walkthrough-steps to enable 2FA?
Should they at first still need to scan the QR code themselves – Call me confused, but if so, what is the use of the walkthrough steps then?

Peace, Ed’

Hey @eddiebouncer,

It sounds like there might be a conflict either with the theme or one of the plugins you’re using, could you try temporarily switching to a default theme if you’re not already using one and disabling all other plugins then reactivating them one by one to see if the issue persists?

Please let me know.

Thanks,

Gerroald

Hi @wfgerald,

Thanks, i did have a custom frontend login set up – which i disabled now. When i try to log in again with the test-admin i still get a (different) error:
“LOGIN BLOCKED: 2FA is required to be active on all administrator accounts.”

So i enable the ‘grace period’… when they log in at the backend there is the yellow alert message now: “You do not currently have two-factor authentication active on your account, which will be required beginning March 19, 2020. Configure 2FA”

Q. Do you mean this yellow alert message box as walktrough steps?

Peace, Ed’

• This reply was modified 4 years, 9 months ago by eddiebouncer. Reason: added more info
• This reply was modified 4 years, 9 months ago by eddiebouncer. Reason: updated info
• This reply was modified 4 years, 9 months ago by eddiebouncer.

Hey @eddiebouncer,

Yes, the message will alert them that they have X amount of time to enable 2FA before they lose access to log in. Once they click the Configure 2FA link it will take them directly to the Login Security page where they can scan the QR code to set up 2FA. The notification will appear on all admin pages, so it’s really hard to miss.

Thanks,

Gerroald

Hi @wfgerald,

Thanks, that makes sense. I didn’t see the alert message as walkthrough-steps ??

Then i’ll set it up this way and let them scan the QR themselves.

Thanks again for your time, Cheers! Ed’

Hey @eddiebouncer,

Thanks for the update. Yes, I probably could have worded “walkthrough” differently, and I will in the future to avoid confusion.

Please let us know if anything else comes up.

Thanks,

Gerroald