System Setup – Two-Factor Authentication (2F Auth)
Configure and enforce two-factor authentication (SMS, email, or authenticator app) for Tourpaq users.
Overview
The 2F Auth (Two-Factor Authentication) section of the System Setup allows administrators to configure and enforce additional security layers for user logins. By enabling these options, users are required to verify their identity with a second authentication factor besides their regular password, making the system more secure against unauthorized access.
Go to Setup → System Setup → Two-Factor Authentication (2F Auth).
Enabling 2FA can lock users out if their phone/email is not correct.
Validate contact data and test with a pilot user first.
Purpose
This section protects user accounts with enhanced login security.
Two-Factor Authentication (2FA) reduces account takeover risk because an attacker needs both the password and a second factor (SMS, email, or an authenticator app).
Fields & Options
1. Authenticate with SMS
Description: Users will receive a verification code via SMS each time they log in.
Use case: Recommended if mobile phone numbers are already stored and SMS service is configured.
Requirement: A working SMS gateway and valid phone number associated with each user.
2. Authenticate with Email
Description: Users will receive a one-time verification code via email for login confirmation.
Use case: Ideal when email access is reliable and mobile devices are not always available.
Requirement: User must have a valid email address configured in the system.
3. Authenticate with an Authenticator App
Description: Users authenticate by entering a code generated by an authenticator application (e.g., Google Authenticator, Microsoft Authenticator).
Use case: Provides a more secure and offline-capable method of authentication.
Requirement: Users must first link their account with an authenticator app.
Instructions for Configuration
Navigate to the System Setup panel
Access the System Setup section from the top menu.
Select the 2F Auth tab.
Select Authentication Options
Tick the checkbox for the desired authentication method(s):
Authenticate with SMS
Authenticate with Email
Authenticate with an authenticator app
Save and Apply
Once enabled, all users will be required to use the chosen authentication method(s) at their next login.
Communicate with Users
Inform users about the activation of 2FA.
Provide them with setup instructions (e.g., how to download an authenticator app or ensure they have access to their registered email/phone).
Once enabled, users will always be required to use 2FA at login.
Pick at least one method that fits your workflow and support capacity.
FAQ
Which 2FA method should we choose?
Use Authenticator App if you want the strongest option and offline support.
Use Email if users always have email access.
Use SMS if you already manage validated mobile numbers and SMS delivery.
Can we enable more than one method?
Yes. You can enable multiple methods.
This can help users if one channel is unavailable.
Last updated
Was this helpful?