In Collaborator the basic method of authentication is to check if the pair login and password (or e-mail and password) that users enter when logging in are matched.
However, this method is not the most reliable method of establishing the identity of the user who is logged into the training system. As a more reliable way of confirming identity, Collaborator uses 2-step authentication:
- Sign in by entering login (e-mail) and password in the login form.
- Entering the confirmation code, which is displayed in the user's personal cell phone.
Why it's necessary
Your login and password are at risk if at least one of these statements is true to you:
- I use the same password on different websites.
- I download programs from the Internet.
- I click on the links in the emails.
- I use a simple password, such as 111 or 123321.
- I'm not the only one who uses this computer.
What is the danger of having your password stolen
If an intruder gets your password, they can make a lot of trouble for you:
- To change data in your profile or profiles of other users, if you have an administrative role in the system.
- To pass the training instead of you, and even to fail it.
- To give an evaluation or comment on your director instead of you.
- To send abusive emails, viruses or spam under your name.
and a lot of other troubles...
If you still have the password you were given for your first login, change it as soon as possible. You can do this on the User Profile page.
How the account login procedure will change
With two-step verification enabled, the sequence of your actions will be the following:
1. Password entering
This action is already familiar to you. You enter login and password every time you log in to Collaborator.
2. Verification code entering
Now you need to enter a special code. You can get it from the app installed on your phone. Launch the code generation app on your phone (see below for how to set it up) and enter the current code into the form:
How to switch on the two-step verification
This function can only be enabled by the user themselves.
To use it, you need to have a smartphone that uses Android version 4.4 or iOS 8 or higher.
The sequence of operations will be the following:
2. To go to the Security menu
The Security menu is accessed through the User menu, where your avatar, first name, last name, and role in the system are displayed.
3. To tick the "Enable two-step verification" option"
At the bottom of the page it is necessary to tick the option "Enable two-step authentication". After that the QR-code will be displayed, which should be photographed with the help of the Google Authenticator program.
4. To set up an account on your smartphone
4.1. To run Google Authenticator on your smartphone.
4.2. Select the "Scan a QR-code" option. The camera will start up. It is necessary to take a picture of QR-code from the screen. As a result the program will generate a unique code:
5. To enter the code you received
You need to enter the numbers, received in the program on your smartphone, into the field "Secret code", which is placed under the QR-picture. Afterwards press the " Save" button.
How to switch off the two-step verification
You can disable 2-Step Verification on the Security & Notifications page. To do this, uncheck the box next to the Two-step verification option.
What to do if the code is lost
If for some reason you lose the code, reinstall the phone or delete the code generator program, you need to contact the portal administrator to reset your password.
After the administrator sets you a new password, Two-step verification will be disabled.
In the login form, click the "Forgot your password?". Follow the next steps. An email will be sent to you allowing you to set a new password. After you set a new password, two-step verification will be disabled.
It can be reactivated in your User Profile.