User Settings - Two Factor Authentication (2FA)

Two-factor authentication (commonly abbreviated 2FA and also known as multi-factor authentication MFA) adds an extra layer of security to your user’s account login by requiring two types of authentication. This is usually something your user knows and something they have.  Two-factor authentication is a common authentication best practice to increase account security normally provided by passwords.

 Things like password reuse, poorly encrypted passwords, social engineering, and leaked databases make even a secure password vulnerable. By requiring users to add a second factor to their authentication flow, an account with a compromised password will still be protected. Even targeted attacks are more difficult because the attacker would be required to access to different forms of authentication. A Google study showed that SMS based authentication "can block up to 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks".

Bryt uses SMS two-factor authentication.  This means that the user will be required to know their password when a user signs up or logs in to the application a numeric code is sent to their mobile device via SMS.  The numeric code will be required to access the application.  Once the user accesses the application on a specific device, the user can choose to “trust” the device in the future. By default. The Bryt application does not automatically turn on two factor authentication.  Unless the client has a global requirement for 2FA, the option to use 2FA is left to each individual user.   

To set up Two Factor Authentication...

Navigate to the User Profile page by clicking on "Profile" in the upper right corner and select "Settings" from the dropdown list:

From the User Settings Page, select "Authentication".  The heading on this page will tell you the status of Two Factor Authentication for your account.  This setting is specific to your user account:

To Enable Two Factor Authentication...

Enter your password to the Bryt Software application and click "Verify Phone Number":

The system will send an SMS message to the phone number you have in the system.  (You can edit this number in User - Details. You will need to disable Two Factor Authentication to edit your phone number.)  Enter the 6 digit Verification Code and click " Verify Phone Number":

To Disable Two Factor Authentication...

Enter your password to the Bryt Software application and click "Disable Two Factor":

When Two Factor Authentication is turned on, you will need to enter the verification code that is sent via SMS to the phone number that you have in the system:

If you check the box "Don't ask for the code verification again on this browser.", you will not have to enter this code the next time you log in to the system.  You will have to enter this code:

• Every time you use a new browser
• Every time you clear your cookies from your browser
• If you do not store cookies on your browser