Does anyone have experience or know if it is possible to configure 2-factor validation for login to customer portal.
For instance requiring a SMS with a code each time a login is performed?
Thanks in advance.
In service, there is a trigger which allows you to intercept the authentication to the customer portal:
Using it, you can redirect to a custom page you can create that gets the 2FA credentials (i.e. sends an SMS or similar), and then authenticate. We have implemented a customization using this for a customer who is using Cisco DUO on their customer portal for logins.
Thank for the prompt reply on this.
Do you have some more details about the actual implementation, is it something that we as a SuperOffice customer can get access to (through a subscription or otherwise) and what does it require - I'm not familiar with Cisco Duo but have just asked our provider of Cisco solutions about this part?
The implementation was done as a consultancy job for a customer, so I cannot give you the code. It is a bit tricky, and there are some technical details to work out, but in short it works like this:
Thank you for the answer. I did look into Cisco solution but the cost will be massive for this and I'll have to look at other solutions like one of the authentification applications that exists on the market and user typically have on their mobile phones.
Do you have anyone with something like this implemented or a solution for it?
I'm actually wondering why this isnt built into the solution already - is it on the roadmap.
Let me be specific: using Cisco DUO is not a requirement. It was only the choice of our customer. The most important part of what I wrote is how to create 2FA for the customer center. I am pretty sure you could create your own 2FA by sending an SMS with a random code to the user in the trigger script (and also storing it somewhere), and then prompt for that code in a custom screen.
I am not sure if 2FA for the customer center is on the backlog. Michel?
2FA is not specifically on the backlog, but we are discussing different methods for authentication on Customer centre.