You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.

03: Two-Factor Authentication in the PolicyPak Portal

Beginning in May 2021, two-factor authentication (2FA) was enabled for ALL customer accounts in the PolicyPak Portal. The PolicyPak portal may contain license keys and potentially other sensitive company information.

NOTE: If for some reason you do not want to use 2FA to secure access to your portal you will have an option to open a ticket with support who will assist you in completing that process.  However, disabling Portal 2FA is strongly discouraged.  In addition, only the PRIMARY user account has access to 2FA control that you'll see below.  This includes controlling which authentication method is enabled, resetting 2FA settings, and requesting that it be disabled for EVERY user on the account.

Here's what to expect the FIRST time - Primary or Secondary user - you'll be prompted for a code which will be emailed to the address you used to log in with.  

Here's the email to look for...

It is recommended that the Primary user then enable "app" 2FA for the account.  This will allow everyone to use either email or an app (such as Authy or Google Authenticator) to authenticate their login.  

Here's how to do that.  First locate the 2FA Config tab under Your Contacts.  Next click App 2FA and click Apply.  You will be prompted again for a 2FA code to enable this option.

When you click Apply above you will be prompted for another code that is sent to your email to authorized App 2FA enablement.

After supplying that code, click Commit Changes to complete the process.

You'll see a success message in the lower right and App 2FA will be checked, indicating it is now enabled for ALL users.

Once App 2FA is enabled, when anyone logs in, they will get the screen shown earlier - where you can choose which method you want to authenticate with.  Email or app.  If they choose app and have not yet setup THEIR authenticator app, they will be prompted to do so.  Scan the code with the app and supply the code shown in the app.

After supplying the code from the app you'll be returned to the logon screen where you will see an acknowledgement if the Authenticator app setup was successful.

Then when you log in and choose the authentication app method, you will be prompted to enter the code from your authenticator app.

Resetting 2FA

If you ever need to reset 2FA, you can do this by clicking Reset 2FA.  NOTE that currently this will reset the 2FA setting for EVERYONE.  Meaning that everyone will need to re-setup their authenticator app.

Disable 2FA

Though we strongly advise against it, you can disable 2FA completely on your account.  Do this by clicking Disable 2FA and confirming your request.  The request will be submitted on your behalf and handled by the support team.  You will hear from them when the request is completed.

You will get a confirmation email anytime 2FA is disabled for your account.  NOTE this is for the entire "account" so 2FA will be disabled for ALL users/contacts as indicated below.

Looking in your portal afterwards, you'll see that 2FA is entirely disabled - neither box is 'checked'.  If you want to re-enable it at any time, simply click the 2FA you want to enable and click Apply.  Since no 2FA is active at this moment you won't be requested to supply a code to re-enable it.  It will just be immediately enabled and everyone will once again be prompted to supply a code received via email or from their app.  

NOTE:  In this particular scenario, re-enabling, if anyone had app 2FA previously "configured" (had scanned the QR code) then that code will still work once again.

  • 1129
  • 19-Apr-2022