Two-Factor Authentication is a feature that provides an additional level of security for Ocean users. As an Ocean Site Administrator, you have the ability to enforce Two-Factor Authentication for all users on your Ocean site.
To set Two-Factor Authentication as mandatory for your Ocean site:
- Click on the Site Features area. .
- Set the Two Factor Authentication feature to "Mandatory for all users".
Note: In order to set Two-Factor Authentication as mandatory for all users on your Ocean site, you must first ensure that all pre-existing Ocean users on your Ocean site have Two-Factor Authentication enabled on their own individual user accounts. Please see below for more information on how to manage individual user compliance.
Managing Individual User Compliance
Before you can set Two-Factor Authentication as mandatory for all users on your Ocean site, all pre-existing users must first enable Two-Factor Authentication on their own Ocean user account. This is most easily done by running a Two-Factor Authentication Compliance Report. The "2FA Configured" column in the report indicates if the user has Two-Factor Authentication enabled or not. For users who do not have it enabled, you can instruct them to Enable Two-Factor Authentication for their Ocean user account.
Once all pre-existing users have enabled Two Factor Authentication, you can then set it as mandatory for your Ocean site so that all newly invited users will be forced to configure Two-Factor Authentication before they can successfully join your Ocean site.
Alternatively, you can remove non-compliant individuals from your Ocean site within the Users area, then set Two-Factor Authentication as mandatory for your Ocean site, and then re-invite the removed users so that they are forced to enable Two-Factor Authentication upon rejoining your Ocean site.
Newly Invited Ocean Users
Once Two-Factor Authentication has been set as mandatory for your Ocean site, newly invited users who do not have Two-Factor Authentication enabled will be prompted to enable it before they can join your Ocean site.
- Upon accepting the invitation, users will see a message indicating that the Ocean site they are joining requires Two-Factor Authentication, and be instructed to download an authenticator application before proceeding.
- Users are then presented with a QR code to scan with their authenticator application. They can then enter their Ocean user account password, and the 6-digit code provided by the authenticator application. Pressing Enable & Join Site enables Two-Factor Authentication for their user account, and allows them to join the Ocean site.