Two-Factor Authentication or Two Step Verification is a key component of our security framework, intended to protect your company's content against unauthorised access. This article explains how to enforce 2FA on the level of the account, making it mandatory for all users that want to access the account.
In today’s online environment, ensuring the security of your content is critical. At Limecraft, we are committed to providing our customers with the highest level of protection against unauthorised access and theft. One key component of our security framework is Two-Factor Authentication (2FA).
With 2FA enabled on the level of the Account, all users will automatically be required a one-time token in addition to their username and password. This token is generated using an Authenticator app on their smartphone, and is valid for no more than 30 seconds. This is an essential step to verify their identity, in case someone is guessing or has got access to their password.
While 2FA can be enabled as well by individual users, this article explains in detail how you can enforce 2FA on the level of the Account, thereby making it a mandatory step in the login process.
Note that setting up 2FA for an account can only be done by the account owner!
Before you Begin
Double checking your identity via an authentication app on your smartphone is an essential step in the process. Before you begin, you must make sure to install an authenticator app from Google, Microsoft, or similar. You can download the Google Authenticator app in the Android Play Store or in the Apple App Store.
Impact of making 2FA mandatory
Users that already have 2FA set up or use SAML for authenticating won’t notice anything when enabling the requirement. Users willing to access your account who didn't have set up 2FA earlier, will temporarily loose their ability to access any content managed by your account until they enable 2FA.
On the production listing screen, they will see a notice urging them to set up 2FA on their profile (see screenshot below). They will still be able to access productions in other accounts.
Enforcing 2FA for Your Account
Step 1 - Go to Account Settings > Account Security
To make 2FA mandatory for anyone logging in into your account, go to Limecraft Account Settings.
On the left hand side, you will find a tab there called 'Account Security'.
Step 2 - Enable 2FA for You as an Account Admin
Note that the account owner must already have 2FA enabled on his/her own profile for the 'Require 2FA' button (as shown in the screenshot below) to be active. If that is not the case yet, you can follow these steps to enable 2FA on your account.
Step 3 - Enforce 2FA for all Users Accessing your Account
Access Account Settings > Account Security and select 'Require Two-factor authentication'. Remember that requiring 2FA for all users in your account will deny access to users who have not set up 2FA already.
Limecraft will ask you to re-log in to double check your identity to complete the process.
Step 4 - Confirmation and Notification
Upon activation you will receive a confirmation that 2FA is now set up. All associated team members who do not yet have 2FA enabled will receive an email to notify them that they need to enable 2FA before they can access any of the workspaces or content associated with your account.
Disabling 2FA for Your Account
If you wish to disable 2FA from the account, you can do so in the appropriate section (Account Settings > Account Security).
