The modern tech world is full of bad actors and many companies need enhanced protections. Especially those operating on older platforms and applications that offer limited security resources. This is where 2 Factor Authentication / One-Time Password programs offer solutions.
What is 2 Factor Authentication / One-Time Password?
2 Factor Authentication requires that a user attempting to access a website or application receive and enter in a unique time sensitive code to authenticate themselves before entry is permitted. This unique time sensitive code is considered a One-Time Password and, for our purposes, is sent via text message to the mobile number on file for their profile with the website or application. Failure to enter the code on the website or application in the allotted time, or entering the wrong code prevents entry.
Follow the steps below to activate a 2 Factor Authentication / One-Time Password program.
1) Configure the Mobile Campaign
2) Use the API to configure the Website or Application
Configure the Mobile Campaign
Step 1.
Sign in to the desired account on the mobile platform and create a mobile campaign. This campaign will be used to deliver the One-Time Password messages.
Step 2.
Edit the campaign and click the Advanced Settings tab.
Step 3.
Locate and click the CONFIGURE button for the One-Time Passwords option.
Step 4.
Click the CREATE NEW TEMPLATE button to begin generating the desired 2FA message that contacts will be sent.
Note: If OTP Templates already exist in the account, click the VIEW ALL button to select the desired message from the available options.
Step 5.
Enter a name for the new template message and click the ADD NEW button.
Step 6.
Use the fields provided to configure the desired message and click the SAVE buttons to save changes:
- OTP Length - One-Time Passwords can be 4 to 18 digits long. Currently only numeric values are supported.
- Valid Duration - One-Time Passwords can be configured to expire within 1 to 30 minutes.
Use the API to configure the Website or Application initiating and validating 2FA
Step 1.
Sign in to the desired account on the mobile platform then locate and click Messaging followed by Gateway API.
Step 2.
2 Factor Authentication / One-Time Password is a v2 API. Click the prompt to access the system's v2 APIs.
Step 3. - Generate a Token
Click the Token Console tab and then click the ADD NEW TOKEN button.
Step 4.
Enter a name for this token (ex: 2FA COMPANY NAME) and click the ADD button. This will generate the desired token and offer additional setting options that can be used to limit how this token is used.
Step 5.
Click the API Reference tab then locate and click Two-Factor Authentication under the Mobile Tools section. This API works in two steps, and the Website or Application where this configuration will be used needs to prepare both action_types of this API.
Step 6. Send OTP
The first step (SEND OTP) is triggered when the user attempts to sign in to the website or application. This action_type 1 needs to be completed with the user's mobile number or their contact_guid on the mobile platform. This step returns the "ticket_guid" related to the One-Time Password that was issued, and delivers the OTP message to the user's mobile number.
Note: The default message when using campaign_guid is "Your one time use code is ~otp~. Please type this code into the website."
Step 7. Check OTP
The second step (CHECK OTP) is triggered when the user enters their unique time sensitive One-Time Password into the designated field of the website or application. This action_type 2 needs to be completed with the ticket_guid returned from the SEND OTP step and the One-Time Password (otp_code) collected from the user's entry to complete the authentication. TRUE responses should be used to allow entry. Conversely, FALSE responses should be used to deny entry.
