...
Two-factor authentication (2FATFA) increases the security of our CMS by asking you for a requiring a single-use code in addition to your password.
...
.
Info |
---|
SDP is rolling out this feature gradually. We’ll notify all users by email before the launch of TFA on your CMS. |
How to set up TFA
Next time you log in to your CMS account, you’ll be required to set up two-factor authentication.
Navigate to your CMS login screen (e.g. content.vic.gov.au).
Enter your username and password and click ‘Log in’.
You’ll see a warning message ‘You need to enable Two Factor Authentication’.
Click on the ‘Enable Email OTP’ are required to set up two-factor authentication’.
You can bypass this 3 times; after 3 times you’ll be locked out of the CMS.Click on the link to visit the TFA screen. Click on the ‘Enable two-factor authentication via email’ link. You’ll be asked to enter your password again and click the Confirm button.
Tick the checkbox and click ‘Save’the Save button.
The screen will change to show ‘TFA enabled’. You can then now start working in the CMS.
How to log in using TFA
The next time you log in, after entering your username and password and clicking the Log in button, you’ll see the following screen. You’ll see that the Verify button is greyed out. Click the Send Email me a verification code button. ( The screen will refresh and the Verify button will now be blue and available.)
GoLeave the CMS login browser tab open and go to your mail app/site and to find the email with the code. Copy the code into the ‘Authentication code’ field and click on the Verify button.
If you didn’t enter the code from your email before it expired, you can click the Resend button.
Info |
---|
|
...
Your email address must be current in your CMS account
Before you set up your 2FA, it’s important that your user account has your current email address.
You can check and update this by clicking on your username at the top of the screen and then Edit profile.
Enter your current password
Select ‘Confirm’
Select and download your preferred 2FA application. If you already have a 2FA application, open it and look for the ‘add account’, ‘add token’ or a plus (+) symbol.
...
Scan the QR code or enter 16-character code into the 2FA service. This will generate a 6-digit verification code.
Enter the 6-digit code into the 'Application verification code' field in the CMS.
Select 'Verify and save'.
This completes your 2FA setup.
To check if your 2FA is set up correctly, go to the 2FA tab on your profile page. It should say ‘Status: 2FA enabled’.
...
Recovery codes
As part of the 2FA set-up, you can generate one-time use recovery codes, which can be used in case you lose access to your 2FA application.
Under the 2FA tab of your profile, select ‘Generate codes’.
Enter your password when prompted.
You will now see a set of 10 recovery codes. Copy and store these in a safe place so that you won’t lose them, and so that no one else can find them.
...
Press ‘Save codes to accounts’.
You can view these recovery codes at any time from the 2FA tab in your profile settings.
Just select ‘show codes’ and enter your password when prompted.
...
Using your recovery codes
If you lose access to your 2FA application, you’ll need to use one of your recovery codes.
When asked for your application verification code, select ‘2FA Recovery Code’ under ‘Having trouble?'
...
Then enter one of your recovery codes when prompted and select verify.
...
Resetting your 2FA application
You can reset your 2FA application if you're switching to another 2FA service.
In the CMS, select your username in the top left corner.
Select ‘View profile’.
...
Select '2FA' tab.
Select ‘Reset application’.
...
Enter your current password.
Select ‘Confirm’.
...
The 2FA setup screen now displays. Now you can begin setting up your new 2FA.
If you press ‘Cancel’, you'll return to the 2FA tab. Your previous 2FA method will remain enabled.
...
Troubleshooting and getting help
Failed validation limit reached
You get 6 attempts within a 5-minute period to get your 6-digit 2FA TFA verification code correctly.
...
Error message:
Failed validation limit reached. 6 wrong codes in 5 min. Try again later.
...
If you reach the validation limit:
...
If you are still receiving the ‘failed validation limit reached’ message after waiting 5 minutes, fill out an SDP support request. Be descriptive in your request so we can assist you as quickly as possible.
Losing or getting a new mobile device
If you lose your mobile device or get a new one, you won’t have access to your 2FA application.
If you set up your 10 one-time use recovery codes, use one of these to log in to your account.
If you lost your recovery codes or never received any, fill out an SDP support request.
No mobile device
If you do not have a mobile device, download ‘Protecc’ from the Windows store if you’re using a Windows computer, or ‘Authenticator 2FA | Sentinel' from the app store if you’re using a Mac.
2FA application already in use for another service
If you already use one of the 2FA applications for another account, you can still use the same app.
Look for the ‘add account’, ‘add token’ or a plus symbol on your application to add an additional 2FA service.
Ensure you use your government email associated with your CMS account if you are prompted to give an email address by any of the 2FA applications.
Skip validation limit reached
You get 3 chances to bypass the TFA setup.
After 3 times skipping TFA setup, your CMS account will be blocked. You’ll see this message.
...
Fill out an SDP support request to have your user account TFA reset.