logo

Need help? We've got your back.

Find advice and answers for everything

Back

Category: Feature Updates

Mandatory 2FA with OTP

What is it & why you need it


EzyCourse lets you force students to enable 2-Factor Authentication for their account using an authenticator app, ensuring security for their personal info.


Now, you can enable the mandatory 2FA setting using phone numbers. This will help to verify 2FA with OTP code sent directly to the student’s phone number. This will give you flexible security options, making unauthorized access nearly impossible.



How to get started using it


You have to enable the Force 2FA setting from your EzyCourse dashboard. To do that, navigate to Site Settings -> General Settings -> Auth Settings.



image



Before enabling 2FA setting, you have to ensure that the Collect Phone Numbers option is enabled. In addition, you must also have the Twilio account set up. This is because the OTP sent to students will be through your Twilio account.



image



Now, scroll down and enable the Force Two Factor Authentication setting. This makes it a must for students to verify their account. Verifying could either be with an authenticator app or via their phone number. Select the Phone option for OTP 2FA.


[Note: You cannot disable phone number or Twilio account settings when Force OTP 2FA is selected.]



image



Click the Update button to save the setting.



image




Student Perspective 


With the Force 2FA phone setting enabled, students will receive a popup asking to verify or set up the 2FA authentication system via their phone number. Here’s how that will work. 


Case 1: If a student has already provided their phone number previously then they’ll receive a popup asking them to enable 2FA.



image



Clicking the Enable 2FA button will instantly send an OTP code to their phone number. And then they can verify with the OTP code. 



image



Case 2: If a student has not provided a number beforehand, then they’ll first be asked to provide their phone number. Phone number validation will be in effect on the popup. 



image



And then they’ll need to verify the phone number.



image



Finally, after verifying their phone number, they’ll be able to enable 2FA for their account using OTP.



image



Note that the OTP code expires in 3 minutes. Also, students will need to verify every time they’re logging in to their dashboard.