Certain permission levels available to ProdataKey Partners require the use of a two-factor authentication app installed on a mobile device (phone or tablet) to provide an additional layer of security when logging in to PDK.io or into the Manage function of the ProdataKey app. This prevents unauthorized access to the account if the password is compromised in some way.
ProdataKey recommends using the Google Authenticator app, which will need to be installed on a mobile device. This app is available from the app store for both iPhone and Android.
Initial setup of Two Factor Authentication (2FA)
After receiving the initial email invitation and have completed entered your personal information, you will be prompted to enter the cellular/mobile phone number, for verification, which will be used for the setup of the Google Authenticator and as one of the multi-factor authentication methods. Please note that the phone number entered here MUST be a cellular/mobile phone able to receive SMS/Text messages.
After entering the cellular/mobile phone number, tapping/clicking the Send Code button will generate and send a six-digit code to enter in the Code field in the next window.
After verifying the code, a page with a QR code will be displayed. This QR code needs to be scanned by the Google Authenticator app, do not use a normal QR code scanner for this, as it will not produce the time-based, one-time passcode generation process required. Be aware that the QR code in the image below has black bars added to it, rendering it unscannable, and the QR code provided by the setup process will look like a normal QR code.
In the Google Authenticator app, tap the + in the lower right corner and then tap 'Scan a QR code'. Using the onscreen reticle, scan the QR code.
Alternatively, if the provided QR code can not be scanned, tap the + in the lower right corner of the Google Authenticator and then tap 'Enter a setup Key'. Enter a name for the Authenticator account, tap/click on the 'Text Code' link next to the QR code, enter the generated alphanumeric string into the 'Your key' field, and choose 'Time Based' for the Type of key and tap the 'add' button.
Once the QR code has been scanned by the Google Authenticator app, a new entry in the Authenticator app will be added and display a time-limited one-time passcode, which is a six-digit code with a timer next to it showing how long before the displayed code will no longer be usable. This passcode must then be entered in the field below the QR code.
Resetting Two-Factor Authentication
If the generated time-limited one-time passcodes are no longer accepted or if the Authenticator needs to be added to a new cellular/mobile device, this can be done easily. If the time-limited one-time passcode is not working in the Authenticator app, delete the item from the Authenticator app.
First, the Partner will need to tap/click the profile icon in the upper right of the window, which is highlighted with a red box in the image below.
Tapping/clicking this icon will open a pop-up menu, where the Partner will need to tap/click the Profile option.
Doing this will open the User Profile window, where the Partner can tap/click on the Two-Factor Authentication button to open these options.
In the Two-Factor Authentication window, tap/click the Set Up button to generate a new QR code. Follow the steps above to scan the QR code and add the time-limited one-time passcode generator to the Authenticator app.
Comments
2 comments
I would suggest adding how to disable a particular 2FA method from an account.
Hello Stu,
For Integrator level Permissions we require 2FA to be enabled and the use of 2FA can't be removed from Integrator level permissions.
Please sign in to leave a comment.