Two Factor PIN Authentication Required
Two factor authentication is a security process in which the CMS user provides two means of identification from separate categories of credentials. When this setting is enabled, a user will be required to provide their login credentials (User Name and Password) along with a randomly generated PIN. When accessing the login page, a user can generate a random PIN which will be sent to their email address (User Name).
To enable this setting, check the box labeled "Two Factor PIN Authentication Required" and then select the Save button. To disregard any changes made on the Edit Settings page, click the Cancel button.
The following settings can be changed on the Edit Settings page:
- Allow Locations to be Associated with Divisions - enabling this option provides the administrator with the ability to associate Locations to Divisions.
- Suppress Report/Dialog in Emails - enabling this setting prevents report and dialog text from the reporter or Lighthouse from being included within the body of emails sent to the company/reporter by the CMS
- New Incident Report Email Notification - enabling this setting causes administrators to be notified via email when a new report has been added to the CMS
- Send Month End Summary Report - enabling this option will cause the CMS to generate month end activity summary report email notifications to specific users depending on the month end summary report rule criteria defined on the ‘Manage Month End Summary Report Recipient Rules’ page.
- Dialog Copy Administrators - enabling this setting allows administrators to be emailed whenever dialog is added to an incident report
- Email Status Change to Administrator - enabling this setting allows an administrator to be emailed whenever the status changes on an incident report
- Allow Deletion of Files Uploaded by Company - enabling this setting allows a user to delete files previously uploaded by the company
- Populate Sender Field on Emails - enabling this setting allows the administrator to receive bounced back email responses for users with invalid email addresses
- Restrict Access to CMS Via IP Address - enabling this setting provides an administrator with the ability to allow access to the CMS only from certain IP addresses
- Enforce Lockout On Unsuccessful Login Attempts - enabling this setting provides an Administrator with the ability to lock the account of a user unsuccessfully attempting to sign in five consecutive times
- Two Factor PIN Authentication Required - enabling this setting provides an Administrator with the ability to require all users to enter their login credentials (User Name and Password) along with a randomly generated PIN to access the CMS
- Require 'Outcome' to Close Report - enabling this feature will require that a user enter an outcome in order to close a report.
- 'Division' Field Name - text entered here will replace the label 'Division' throughout the CMS. For example, a company may want to use 'Department' in place of 'Division'
- Automatic Dialog Message - text entered here will be sent via email and saved in the CMS as dialog for the anonymous reporter when a Lighthouse report is created in the CMS
- Confidentiality Disclosure on CMS Emails - text entered here will be appended to all emails sent via the CMS
Enabling Two-factor authentication allows the administrator to enable an option for the CMS to 'remember' a user's device so that the two-factor PIN is not required on subsequent sign on. To enable the 'remember this device' feature, check the checkbox labeled '' as shown below.
When the 'Include Device Recognition' option is enabled, the user will be presented with the following alert once they sign on to the CMS successfully.
If the user selects the 'OK' button, subsequent sign ons from that device will not require a PIN. Devices are 'remembered' for 60 days, after which, the user will be required to enter a PIN and will again be prompted to remember the device.