Setting up 2 Factor Authentication (2FA)

  • Updated

About 2FA and why Distil requires it

Two factor authentication (2FA) is required for every organisation using Distil and is part of our security protocols to protect against unauthorised access.

It can be set up when a user gets started in Distil for the first time, or when adding a new user to an existing organisation. 

Users will login using their email address, password and two-factor authentication code. Every user will be prompted to use 2FA every time they login. 

At this time, setting up 2FA requires an authenticator app such as Google Authenticator or Microsoft Authenticator. 

Create a new user in a new organisation with 2FA

When creating a new user account for a business that doesn't yet have an organisation account in Distil, a user will create an account via the signup page. 

An email confirming the registration will be sent to the user’s email address, with a link to verify the email and continue the sign up and 2FA setup process. 

Setup MFA with Google Authenticator

Google Authenticator is one of the most widely used and completely free apps for generating secure 2FA (two-factor authentication) codes. It works offline, doesn’t require an account, and is supported by most online platforms, including ours.

However, you can use any authenticator app you prefer, such as 1Password, Authy, or others you feel comfortable with.

Here is an easy step-by-step guide for Google Authenticator:

  1. Install Google Authenticator from the App Store or Google Play.

  2. Sign in to your Distil account and, when prompted, open Google Authenticator and tap “+”.

  3. Scan the QR code shown on your screen to add your Distil account.

  4. If you’re having trouble scanning the code, click on the “setup key” on your Distil setup MFA section and manually enter the key shown on the screen.

  5. Enter the 6-digit code from the app to complete setup.

  6. Next time you log in, open Google Authenticator and use the current 6-digit code shown for Distil.

Add a new user to an organisation with 2FA

If your organisation already has an account with Distil, adding a new user will also include 2FA set up. 

Go to your account and click ‘Settings’ from the bottom left hand corner of the screen, then ‘Manage Invites’ from the sub-menu. Then ‘+’ from the top right corner to create a new invitation.

You will be prompted to add the First Name, Last Name and Email Address of the user you wish to add to your account. When you click ‘Send Invite’, an email with a link to create their Distil user account will be sent out. 

Once the user receives the invitation and has clicked the link in the email, they will be invited to login and set up their 2FA authentication app. 

If they do not complete this process successfully, they will not be able to login. 

User login with 2FA

Once a user is successfully set up with 2FA, they will login with a 2-step process. 

Step 1 - Enter email address and password

Step 2 - Verify login with 2FA access code

Account recovery codes

During the 2FA set up process, you will create recovery codes. These allow a user to access their account should their 2FA method become unavailable. Keep these codes safe as they cannot be accessed by the Distil team.

Each recovery code can be used once. If a user is unable to access their account via a 2FA route or recovery codes, go to ‘submit a request’ at the top right of this page for further assistance to recover the account. 

Troubleshooting 2FA setup difficulties

If a user is having difficulties setting up 2FA on their Distil user account, here are some common issues and the recommended solutions.

  • Try clearing the cache in your browser and clicking the invitation link in the email again

  • Temporarily disable any ad blocking software or browser plugins

  • Use a recovery code if your usual 2FA route is not available

FAQs

I have successfully completed the CAPTCHA, but can’t proceed

Try loading the link from the invitation email in a different browser. Alternatively, empty the cache in your current browser and temporarily disable any ad blocking software or plugins you may have running. 

I can’t enter any details in the account setup form

You may see an error message such as ‘The security policy has disabled input’. There may be a local security setting in your browser or network protocol, such as URL Isolation, which is preventing you from entering your user details. If trying an alternative browser and the other common solutions suggested above don’t resolve this block, you need to seek advice from your network administrator. 

 

Was this article helpful?

Comments

0 comments

Article is closed for comments.

Still have questions?

Contact us