TMMDemoSupport

Two-Factor Authentication

Article Topics: Affiliates

You can tie Google Authenticator to affiliate accounts and your admin through the Affiliate Admin. Multi-factor authentication (MFA) can also be called 2-factor authentication (2FA).

Enabling 2FA

1) To access and enable the 2 Factor Authentication setting, navigate to the Affiliate Admin and select the affiliate you wish to manage.

Please Note: Admins can enable this for their accounts but affiliates will need the help of an admin to send them the QR code and enter their verification code.

2) Select the "Update" button beside the 2 Factor Authentication field.

3) Select the "Ok" button to generate a QR code that can be scanned in the Authenticator App of your choice. Some examples include the Google Authenticator App or the LastPass App.

4) Scan the QR Code in the Authenticator App.

5) Type in the current token from your Authenticator app into the "Token From App" field.

6) Click the "Enable 2 Factor" option to enable 2FA for this affiliate account.

Important: Should the Token you input be correct but you still receive an error, you may need to check your server time or change the value of the G2FA Window in the Configuration Admin.

Logging In

The affiliate should now have 2FA enabled for their account and will need to confirm their token when logging in.

By default, the templates will only prompt for a 2FA token after a user has entered a valid username and password. You may wish to set up a template that always includes the field for the 2FA token, or does an Ajax call to verify username and password first before prompting for 2FA.

You can modify the include_affiliate_login template, which is located in the Available Skins section of the Skins & Templates, by removing the "{if $smarty.request.code == 12}" and "{/if}" lines.

Before Template Change

{if $smarty.request.code == 12}
	<tr class="data-row-even-last">
		<td class="tab-column left-align" >
			<input type="text" autocomplete="off" name="twofactor" 		  	value="" placeholder="{#MFAToken#}" id="twofactor" class="edit-form-text-short" style="width: 200px;">
		</td>
		<td class="tab-column left-align" colspan="2"><a href="external.php?page=password" class="setLink" style="float: left;">{#ForgotPassword#}?</a></td>
	</tr>
{/if}

After Template Change

<tr class="data-row-even-last">
	<td class="tab-column left-align" >
		<input type="text" autocomplete="off" name="twofactor" 		  	value="" placeholder="{#MFAToken#}" id="twofactor" class="edit-form-text-short" style="width: 200px;">
	</td>
	<td class="tab-column left-align" colspan="2"><a href="external.php?page=password" class="setLink" style="float: left;">{#ForgotPassword#}?</a></td>
</tr>

Configuring the G2FA Window

You can set how many seconds of difference is allowed between the current time on the server and the application by navigating to the Configuration Admin's Security Tab and scrolling down to the Two-Factor Authentication section.

Related Articles

AffiliatesSecurity
PreviousAffiliate Admin SettingsNextRetrieving API Key

Last updated

Was this helpful?