Our cyber incident response app has just undergone a major upgrade! - Find out more

Advisory April 28, 2020

Client advisory: Two-factor authentication guidance

Two-factor authentication (2FA), also known as multi-factor authentication (MFA), is an extra layer of security used to verify the identity of the person trying to gain access to an account. This document provides guidance on how to implement 2FA in several popular applications.

An overwhelming number of username and password combinations are readily available on the dark web and can be used by cybercriminals to gain access to your accounts. 2FA makes it much more difficult for them to gain access even if they have a legitimate password to hand. When 2FA is switched on, you’ll have to provide a second piece of information in order to access your account, which typically comes in the form of a code through a text message or authentication app, with the latter considered the most secure.

Some services will have 2FA switched on by default, but many do not. The following explains how to turn on 2FA in some popular business applications.

Microsoft Office 365

  1. Sign in to your admin center
  2. Select Users and Active users
  3. In the Active users section, click on Multi-factor authentication
  4. On the Multi-factor authentication page, select a user to enable this for one user or you can perform a bulk update by clicking update in bulk
  5. Click on Enable under quick steps
  6. In the pop-up window, click on enable multi-factor authentication

G Suite

  1. Sign in to your Google Admin console
  2. From the Admin console Home page, navigate to Security, then Basic settings
    1.  You may have to click More controls at the bottom
  3. Under Two-step verification, check Allow users to turn on 2-step verification
  4. Click Save

 

Individual users must then follow these steps:

  1. Go to Google Account
  2. On the left navigation panel, click Security
  3. On the signing into Google panel, click 2-Step Verification (2SV)
  4. Click Get started
  5. Follow the steps on the screen

 

Here are some helpful instructional guides for enrolling in 2SV methods. For further optional steps, such as enforcing 2FA to all users, see instructions here.

 

Citrix Cloud Workspace

  1. Sign in to your Citrix Cloud console
  2. Click the three lines in the top left corner, then click Identity and Access Management
  3. Under Authentication, find Active Directory + Token (Tech Preview). If it says Not Configured, click the 3 dots next to this and click Connect
  4. If Cloud Connectors is already installed, then the Connect to Active Directory subsection should already have a green check mark. In the Configure Token subsection, just click Save and Finish
  5. Next, go back to the three lines in the top left corner and click Workspace Configuration
  6. Under Authentication, select Active Directory + Token
  7. Check the disclaimer and click Confirm
  8. When users now go to the login screen, they will need to enter a password token. There will be a link that says Don’t have a token?, which prompts the user to step up an authentication method

 

TeamViewer

  1. Sign in to your TeamViewer account
  2. Click your profile name, then click Edit profile
  3. Click General, then under the Two-factor authentication section, click Activate
  4. Using an authenticator app on your mobile device, scan the QR code that appears on the screen. The app will automatically generate a code
  5. Enter the code generated by the app on the next page of the activation wizard
  6. The next time you log in to your account, TeamViewer will ask for a security code from the app

LogMeIn

  1. Sign in to your LogMeIn account
  2. At the top of the page, click your LogMeIn ID, then Account settings
  3. Under the Security section, look for Two-step verification is OFF and click get started
  4. Choose the primary method you want to use to receive codes by clicking either Set up mobile app or Set up text message.
  5. Follow the instructions for either method
  6. Finally, click Activate at the bottom of the page to turn on 2-step verification

 

To enforce 2FA to anyone using your account:

  1. In LogMeIn Central, click Users then Login Policy
  2. Under Login process, select Two-factor authentication
  3. Click Switch on

 

For instructions on how to set up 2FA for many more applications (both business and personal accounts), please visit TeleSign’s Turn it On tutorial archive, which is available here. Additionally, you can verify whether a product supports 2FA by searching for it here.