Set up two-factor authentication

In Contract Express 8.1 or higher, you can enable two-factor authentication for your license space. Enabling this feature strengthens login security for forms-based authenticated users by requiring a secondary code from a pre-established smartphone app, in addition to the standard email and password. Users that use SSO in the same environment will be unaffected.

Enable two-factor authentication

Admins can choose from three enforcement levels for forms-based authenticated users. In the Admin section, under Features, enable Two-factor authentication and select one of the following options:
User choice
Two-factor authentication is not mandatory for any user. Individual users can decide whether they would like the second layer of security every time they log in or only when they log in with an unrecognised browser.
This selection is a good choice for environments that would like only the administrators to use two-factor authentication, or for specific subsites.
Users can enable this in My Accounts, by selecting Enable Two-Factor Authentication.
When this option is enabled, users have the ability to disable their personal authenticator if they choose to.
Enforce when a new title is used
All forms-based authenticated users will be forced to use two-factor authentication when they sign into Contract Express with an unrecognised browser. By selecting Remember this browser, the user will not be prompted for a verification code again until their cookies are cleared or they log on with a different browser.
Existing users will be prompted to set up their authenticator the next time they sign into Contract Express. New users will be prompted during their initial setup.
Enforce every time a user logs in
All forms-based authenticated users will be forced to use two-factor authentication every time they sign into Contract Express.
Existing users will be prompted to set up their authenticator the next time they sign into Contract Express. New users will be prompted during their initial setup.
Note
Before enforcing two-factor authentication, we suggest starting with User choice for a specified amount of time. Distribute materials to all users explaining which authenticator apps you recommend and how to set them up within Contract Express. This way, when you switch to an enforced option, users will not be prevented from logging in until setup is complete.

Choosing an authenticator

Users can connect to any authenticator that is a Time-based one-time password authenticator. Administrators cannot enforce which authenticator their users choose. However, recommending an authenticator and providing steps for the users will help with user adoption of the company-desired authenticator.
When a user is prompted for authenticator setup in Contract Express, they can follow the on-screen steps. Depending on the chosen authenticator, they will either need to use their smartphone's camera to scan a QR code, or will be able to type the Contract Express Key into the key field.
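The following added example (not Contract Express code) shows why any time-based one-time password authenticator can be used: the scanned QR code and the typed key carry the same shared secret, and every standards-compliant app derives the same code from it. It assumes the QR code carries a conventional otpauth:// URI and the common defaults of SHA-1, 6 digits and a 30-second step; the key, URI and the name ExampleApp are constructed sample values taken from the RFC 6238 test data.

```python
import base64, hmac, struct
from urllib.parse import urlparse, parse_qs

# Constructed sample enrolment data (RFC 6238 test key); not a real Contract Express key.
SAMPLE_KEY_TEXT = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"   # as a user might type it
SAMPLE_URI = ("otpauth://totp/ExampleApp:user@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=ExampleApp")

def key_from_text(typed: str) -> bytes:
    """Decode a typed Base32 key, tolerating spaces, dashes, case and missing padding."""
    s = typed.replace(" ", "").replace("-", "").upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))

def params_from_uri(uri: str) -> dict:
    """Pull the TOTP parameters out of an otpauth:// URI (the usual QR payload)."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not a TOTP enrolment URI")
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    return {"key": key_from_text(q["secret"]),
            "digits": int(q.get("digits", 6)),      # assumed defaults when absent
            "period": int(q.get("period", 30)),
            "algo": q.get("algorithm", "SHA1").lower()}

def code_for_counter(key, counter, digits=6, algo="sha1"):
    """HOTP (RFC 4226) for one time-step counter; TOTP uses counter = time // period."""
    mac = hmac.new(key, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(key, unix_time, digits=6, period=30, algo="sha1"):
    """Code an authenticator app displays at the given Unix time."""
    return code_for_counter(key, unix_time // period, digits, algo)

def verify(code, key, unix_time, window=1, digits=6, period=30, algo="sha1"):
    """Server-side check: accept the current step and `window` steps either side (clock drift)."""
    now = unix_time // period
    steps = range(max(0, now - window), now + window + 1)
    return any(hmac.compare_digest(code, code_for_counter(key, c, digits, algo)) for c in steps)

if __name__ == "__main__":
    typed, scanned = key_from_text(SAMPLE_KEY_TEXT), params_from_uri(SAMPLE_URI)
    print("same key either way:", typed == scanned["key"])
    print("code at t=59:", totp(typed, 59))
```

Because the code depends only on the shared key and the clock, a phone whose time has drifted by more than the accepted window will produce codes that fail verification even though enrolment succeeded.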

Most popular authenticators