What is Multi-Factor Authentication?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack.
How does Auth0 work?
Auth0 Guardian is a mobile app that can deliver push notifications to a user’s pre-registered device (typically a mobile phone or tablet) from which a user can immediately allow or deny account access via the press of a button. It can also generate one-time passwords if that factor is preferred. Instead of integrating with each vendor-specific push notification service.
Auth0 push notifications are implemented using AWS Simple Notification Service (SNS) which handles the vendor-specific integration.
The push factor is offered with the Guardian mobile app, available for both iOS and Android. In addition, the technology is also available as Guardian SDK which can be used in custom mobile applications to act as a second factor push responder.
Enroll with Multi-Factor Authentication with the Auth0 App
You will be prompted to upgrade in one of two ways:
1. By Email Notification
Users will receive an email from ‘CloudNine support@ondemandreview.com’. Make sure the email is not caught by your spam and junk filters.
When you are ready to update, click the ‘Enroll in Multifactor Authentication’ button.
2. By logging in to CloudNine Review
After you log in, you will be automatically routed to proceed with upgrading to the Auth0 Multifactor Authentication.
Installing the Auth0 Guardian App
Note: if you want to use the SMS (Short Message Service) and receive code by text, that is covered in the next section
For Apple users: From your iOS device, launch the App Store then search and install the Auth0 Guardian app.
For Android users: From your Android device, launch Google Play to take you to the Google Play app store, then search and install the Auth0 Guardian app.
Once you install the application on your mobile device click ‘Continue’ button.
Scan the QR Code
On the following screen, you will be prompted to scan the QR Code from within the Auth0 App you just installed. Open the Auth0 app and scan the QR Code.
Once you have scanned the QR code on your mobile device:
- You will be directed to your ‘My Projects’ page, where you be able to navigate as you always have.
- Android clients will be prompted to create a passphrase for recovery and/or added security purposes. Keep this passphrase documented.
‘Try another method’ by receiving an SMS (Short Message Service) Text
If you would rather receive a code by text, click on the ‘Try another method’ link below the 'Continue' button.
Click on the 'SMS' option.
You will then be prompted to enter in your phone number. The phone number you provide must be able to receive text messages. Once the phone number is entered, click on the ‘Continue’ button.
You will receive a 6-digit one-time-use code to that phone number. Enter the code in the ‘Enter the 6-digit code’ field and then click ‘Continue.’ You will then be directed to your 'My Projects" page in CloudNine Review.
