Two Factor Authentication
What is two factor authentication
Two factor authentication is where a resource such as a website or application requires two separate pieces of information before allowing access to the resource.
This can be handled in a number of ways, but the most common are using an authenticator app (usually on a phone) to generate a one time code, or sending an SMS message to your phone with a one time code to use to log on.
There are a number of phone apps that can be used for two factor authentication. Examples are:
Twilio Authy
Google Authenticator
Microsoft Authenticator
Two factor authentication for Paua
In Paua we use a one time code that can be generated by an authenticator app. We recommend Twilio Authy as the app to use but if you already use a different app for accessing other resources then you should be able to use any compliant app.
How to enable two factor authentication for Paua
On your Phone
Download the Twilio Authy app from the Google Play Store or the Apple App Store. If you already have a different authenticator app installed and you want to use this different app then you will need to modify these instructions to fit your app.
In Paua
Log in as normal and navigate to the Two Factor Authentication page from the main menu. At the top of the page is a button labelled "Enable two factor authentication".
Click this button and you will be presented with a page containing a QR code.
On your Phone
Open Twilio Authy, touch the three dots at the top right of the screen and select "Add account".
There is a large button labelled "Scan QR Code". Press this button and the camera will open, allowing you to scan the QR code on the Paua page. Once the code has been scanned you should have a new entry in Authy for Paua, and there will be a 6 digit code on the screen that refreshes every 30 seconds.
In Paua
Enter your current password in the top box on the right of the screen, then enter the 6 digit code from the app and click "Confirm".
Two factor authentication should then be enabled.
Logging on with two factor authentication in Paua
When you have 2FA enabled you start off by entering your Organisation/Username and Password as normal.
You will then be presented with a page that asks you for the 6 digit code from Twilio Authy.
Open the app on your phone and select the entry for Paua.
Type the 6 digit code from Twilio Authy into the field in Paua and click the Login button.
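What a server does with that 6 digit code, as an added Python example that is not Paua's own code. It assumes the codes follow standard TOTP (RFC 6238 with HMAC-SHA1), which matches the 6 digit, 30 second behaviour described above but is not stated on this page; the function names, the one-step clock tolerance, the replay check and the sample secret are all assumptions.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds each code is valid for, as described on this page
DIGITS = 6   # code length, as described on this page


def totp(secret: bytes, counter: int) -> str:
    """RFC 4226/6238 code for one time step (HMAC-SHA1 is an assumption)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret: bytes, code: str, now: float, last_used: int = -1, window: int = 1):
    """Return the time step the code matched, or None if it is rejected.

    Codes from `window` steps either side of `now` are accepted to allow
    for clock drift between phone and server. Any step <= last_used is
    refused, so a code that was already accepted cannot be replayed.
    """
    current = int(now) // STEP
    match = None
    for counter in range(current - window, current + window + 1):
        expected = totp(secret, counter).encode()
        # compare_digest avoids leaking how many digits matched via timing
        if hmac.compare_digest(expected, code.encode()) and counter > last_used:
            match = counter
    return match


# Constructed sample secret (the RFC 6238 test key), Base32-encoded the
# way a shared secret is normally carried inside an enrolment QR code.
SAMPLE_SECRET = base64.b32decode("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")

if __name__ == "__main__":
    step = int(time.time()) // STEP
    code = totp(SAMPLE_SECRET, step)
    print("current code:", code, "accepted at step:", verify(SAMPLE_SECRET, code, time.time()))
```

The server would store the returned step as `last_used` for the account after each successful login.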
Disabling two factor authentication in Paua
In some instances you may want to disable 2FA in Paua.
For example if you get a new phone it may be simpler to disable 2FA and then re-enable with the new phone.
To disable 2FA, go to the Two Factor Authentication page from the main menu. At the top of the page is a button labelled "Disable two factor authentication".
Click this button and you no longer have 2FA on Paua. To avoid confusion, after disabling 2FA in Paua you should go into Twilio Authy on your phone and remove the Paua entry by long pressing it and clicking "Remove".
Recommendations
On your Phone
Enable backups in Twilio Authy. This means that your codes are stored encrypted in the cloud and can therefore be retrieved after losing your phone or a similar disaster.
You can also protect your Twilio Authy app by setting up a PIN code for the app or a Fingerprint authentication.