Two-Factor Authentication
Two-factor authentication (2FA) is a security method that verifies a user’s identity using two distinct factors:
- Something they know, such as a password
- Something they have or something they are, such as a physical token or biometric identifier
A common example of a second factor is a one-time code sent through an out-of-band mechanism (e.g., SMS or email) or a six-digit code generated by an authenticator app.
Forward Enterprise supports two-factor authentication for any account that signs in by entering credentials on the Forward Networks login page — including local, TACACS+, and LDAP accounts. This feature enables organizations to add an extra layer of security to their authentication process.
Two-factor authentication is not supported for SSO users. This is because single sign-on delegates authentication entirely to the SAML provider. If 2FA is required for SSO accounts, it must be implemented at the SAML provider level.
Forward Enterprise supports two-factor authentication with common authenticator apps:
- Google Authenticator (iOS and Android)
- Microsoft Authenticator (iOS and Android)
- Authy Authenticator (iOS)
- LastPass Authenticator (iOS)
To enable two-factor authentication for your organization, go to Settings > Login and click ON.
Read carefully the requirements and the description of what will happen next
Then click Proceed and follow the instructions:
- Log in again with your username and password
- Install one of the supported authenticator apps
- scan the barcode to add a new account
- provide the Verification Code generated by the app
- click Verify
Store the 3 back-up codes somewhere safe for later use in case you lose your authentication device. These codes can be use only once, but new codes can be generated in the account settings page.
You are all set! From now on, a verification code will be required after you login with your username and password
Please contact support@forwardnetworks.com if you have any questions or run into any issues.