Enforcing Two-Factor Authentication
As an administrator of ISL Conference Proxy you can enforce mandatory Two-Factor authentication for all users on your servers or on per-domain or per-user basis. Follow the steps below to see the configuration process:
Login to ISL Conference Proxy administration pages, at <your-server-addres>/conf.
Open the Security tab under Configuration.
Step 3 (global)
Change the Allow login without configured Two-Factor Authentication from Yes (default value) to No.
Note: No (allow override) options means that more specific settings for Two-Factor Authentication (per-domain or per-user) will override the global setting. If you want to strictly enforce Two-Factor Authentications for all users set this option to No (deny override).
Note: Per-domain setting are located under User Management -> Domains -> <Domain Name> -> Security and per-user settings are located under User Management -> Users-> <User Name> -> Security.
Try to log into an ISL Online product (e.g. ISL Light) with an account that does not have the Two-Factor authentication configured.
You will be denied access and prompted to configure Two-Factor Authenctication for your account. Click on the blue link to open the configuration page in the browser.
Log in with your username at the ISL Conference login page that opens.
Select a Two-Factor Authentication method that you wish to configure for your account and click on "Get Started". In our case we will configure an authenticator app.
Note: Other Two-Factor Authentication methods are described: TODO
Enter the alias for your phone that has the authenticator app installed then click "Next".
Scan the displayed QR code with the authenticator app on your phone to register your account, then click "Next".
Enter the code generated by your authenticator app and click "Next".
Two-Factor Authentication is now configured. You can close the browser window and return to the ISL Online product you were trying to log into in Step 4.
Enter your user credentials again and click "Login".
You will be prompted for the verification code generated by your authenticator app. Enter it and click "Verify".
Note: If you selected another Two-Factor Authentication method in Step 7 this login screen will be slightly different depending on which authentication method you chose. If you have multiple Two-Factor Authentication methods registered you can switch between them by clicking on the "Try another way to sign in" option.
You are now logged in and can begin using the application.