2FA: Two-Factor Authentication

What is the 2FA?

The Two-Factor Authentication (2FA) allows you to add an extra level of security in addition to your personal password.

For example, this service could protect you in case your password’s leaked or has been hacked and guarantees a more secure access to your Allonia account.

If you configure the two-factor authentication, you will have to enter a special connection code.

This code will be provided by a third-party application of your choice, that you will pair with our system while activating your 2FA.

This application can be changed at any time in your account (See the Change TOTP application section).

When to activate the 2FA?

To activate the 2FA as a user, there are two possibilities:

  1. When you first log in

    • I’ve been invited and have a tenant admin

      • When you first connect to the Allonia platform, you will be proposed to configure the 2FA.

      • You can choose to do it immediately or to skip this step.

    • I am a single user and I self-registered on the platform

      • When you first connect to the Allonia platform, you will be proposed to configure the 2FA.

      • You can choose to do it immediately or to skip this step.

      • You will not be proposed again, but a red security reminder will appear on the bottom left of your workspace, saying your 2FA is not activated.

  2. Anytime, from my account

    • If you’re allowed to and in case you didn’t choose to setup your 2FA immediately, you’ll still be able to activate it directly from the “my account” area, by following exactly the HowTo steps, described below (“How to activate the 2FA?” section).

    • It is also from this place that you can change the third-party application used to connect (which basically means a reset/disable + re-enable of it).

How to activate the 2FA?

Once you’ve accepted to go further in your 2FA setup process, you will have to proceed a few things.

Install a Third party TOTP application

Since this part is really depending on the application you’ll choose, we won’t be able to cover it.

Those app are supposed to be compliant with algorithm (TOTP) as described in IETF RFC 6238. https://alternativeto.net/software/freeotp/?license=opensource&sort=likes

Pairing you TOTP application with your account

Take your device (phone, computer, laptop,…) and open your TOTP application.

Then you’ll be able to:

  • scan the QR code provided

  • or enter the pairing code manually

This step will pair your third-party application with your Allonia’s account. Once this connection is established, you will be able to use the TOTP codes presented by your third-party application.

Don’t forget to save your recovery codes in case you don’t have access to your phone, or for any other reason.

We will only be able to show them to you during the configuration of the 2FA, so keep them carefully and in a safe encrypted place (text file zip-ed with a password is a minimum, we recommend a secret manager).

Also, remember the process of recovering your account in case you’re locked out, or it will be troublesome.

Best practice for TOTP applications

To ensure a great security level, Allonia recommends you:

  • To not use the same password manager to store your account password and your Second Factor Seed

  • Keep your emergency codes in an encrypted file