2 Factor Authentication
Introduction
Two Factor authentication aims to enhance the security of your account via security process that requires users to provide two different authentication factors to verify their identity. These factors typically include something the user knows password and something the user has (like a smartphone).
The idea is to add an extra layer of security beyond just a password, making it significantly harder for unauthorised users to gain access to an account or system.
2FA can take many forms, however, in reservie if 2FA is active, the when a user attempts to log in with their username and password, they are then prompted to enter a code generated by an authenticator app on their mobile. This code serves as the second factor, ensuring that even if someone has stolen the password, they still can't access the account without the second piece of authentication.
Getting started
The process of getting started with 2FA in reservie is quick and simple and starts by accessing Settings -> Security
Once you access the security section, you can initiate the process of activation via the following section:
Upon activating the toggle, the system will the system will prompt you to now initiate the process of activation.
Now to complete the activation, the following steps are necessary
Installing an authenticator app. from your phone’s app store
Open authenticator app and scan in QR code
Insert the OTP code provided by your phone
Verify the OTP by clicking the the ‘verify’ button.
Installing the authenticator app
Authenticator apps should be installed via your Google Play Store (for Android phones) or the App Store (iOS devices). There are a number of authenticator apps available. However, we recommend using one that has been developed by a well known and trusted provider such as Google Authenticator or Microsoft Authenticator App.
Open authenticator app and scan in QR code
Once you have downloaded and authenticator app, open the app and add an account. For Google Authenticator, this is typically represented by a ‘+’ button -> ‘Scan QR code’. For microsoft authenticator app, click ‘Verified ID’s’ button -> ‘Scan QR Code'. Scan in the QR code presented by reservie.
Insert the OTP code provided by your phone
By scanning in the QR code, the phone will by provided with a special, unique key, which it will use to generate OTP. Enter this in to the 6 digit box provided by reservie.
Verify the OTP by clicking the the ‘verify’ button
Once you have entered the the OTP code into reservie, click the ‘verify MFA’ button. reservie will then cross check the OTP that you have entered. Please be aware that the OTP is time sensitive. Your phone will provide you with a maximum of 60 seconds in which to use the OTP before it is expired and replaced with a new code.
Note: If your OTP code is not accepted by reservie, check that you have entered the digits correctly. If you have, refresh the screen of the authenticator app (this is normally achieved by dragging the interface of the app down and then letting go) and re-check the digits entered.
Once verified, the 2FA security settings will indicate that the service is now active via the follow:
Using the 2FA for authentication
Once you have activated 2FA, reservie will request an OTP each time you log in. The process of logging in is quick an simple:
Enter username & password
The first step to logging in is to provide your username. This is typically your registered email address that you used at the time of registration. Once entered, click the ‘next’ button and proceed to enter the password.
Enter the OTP
Once you have entered your username and password, click the ‘Next’ button. If 2FA is active, you will now be prompted for your OTP. To find the OTP, open the authenticator app on your mobile device. You will see the previously registered reservie service and a 6 digit code. Enter the code into the box provided.
Once entered click continue. reservie will cross check the code entered is valid and if so, complete the authentication process. If the code is rejected, please double check the digits entered. If the digits look correct, refresh the authenticator app (by dragging down and then releasing the interface). As before OTP codes issued by your phone are valid for a maximum of 60 seconds.