![]() ![]() ![]() |
To strengthen user logon security, Log360 supports two-factor authentication. Once enabled, Log360 will require users to authenticate using one of the authentication mechanisms below in addition to the Active Directory credentials whenever they log in.
Note:
When this option is selected, Log360 sends a verification code via email to the user’s email address. The user has to enter the verification code to successfully login.
Configuration steps:
Once enabled, users will be asked to enroll for two-factor authentication by entering their email address during login.
When this option is selected, Log360 sends a verification code via SMS to the user’s mobile number. The user has to enter the verification code to successfully login.
Configuration steps:
Once enabled, users will be asked to enroll for two-factor authentication by entering their mobile number during login.
Google Authenticator adds an extra layer of protection to the reset password/unlock account process. Once enabled, users will be required to enter a six-digit security code generated by the Google Authenticator app for identity verification.
Configuration Steps:
Once enabled, users can enroll themselves for two-factor authentication using the Google Authenticator app.
RSA SecurID is a mechanism developed for performing two-factor authentication for a user to a network resource. Users can use the security codes generated by the RSA SecurID mobile app, hardware tokens, or tokens received via mail or SMS to log in to Log360.
Configuration steps:
Once enabled, users will be asked to
Duo Security is a two-step verification service that provides additional security while accessing applications. Users can use the six digit security codes generated by the Duo mobile app or push notification to log in to Log360.
Configuration Steps:
Note: Please make sure you select the exact username pattern you use in Duo Security.
Remote Authentication Dial-In User Service (RADIUS) is an industry standard client/server authentication protocol that enhances security by protecting networks from unauthorized access.
RADIUS based two-factor authentication for Log360 can be configured in just two simple steps.
Configuration Steps:
Step 1: Integrate RADIUS with Log360
client Log360ServerName
{
ipaddr = xxx.xx.x.xxx
secret = <secretCode>
nastype = other
}
Step 2: Configure Log360 for RADIUS
Note: Username Pattern is case sensitive. Please make sure you select the exact pattern (uppercase or lowercase) you use in your RADIUS server.
Administrators can add Microsoft authenticator as an additional factor for verifying identities during login.
Configuration Steps:
Once enabled, users can enroll themselves for two-factor authentication using the Microsoft Authenticator app when they log in to the application.
In addition to the authenticators mentioned above, you can also add a custom TOTP authenticator as a means of verifying identities, provided the application satisfies the following criteria:
Configuration steps:
Note: If the values for the passcode hashing algorithm, passcode expiration time, or the passcode length fields are modified, the user enrolment data for the configured custom TOTP authenticator will be deleted. The enrolment data will also be deleted when this configuration is disabled.
Once enabled, users can enrol themselves for two-factor authentication using the Custom TOTP Authenticator when they next log in to Log360.
Backup verification codes allow users to log in when they don’t have access to their phone or face issues with one of the second-factor authentication method. When enabled, a total of five codes will be generated. A code once used will become obsolete and cannot be used again. Users also have the option to generate new codes.
Enabling backup verification code
Registering for backup verification code
Using the backup verification code to login
As an admin, you can view which authentication method users have enrolled for and remove users’ enrollment for two-factor authentication using the Manage Users option.
To do so, follow the steps below:
To personalize two-factor authentication method for domain users
Domain users enrolled for two-factor authentication can modify their preferred authentication method and manage trusted browsers by following the steps below:
![]() ![]() ![]() |
Copyright © 2023, ZOHO Corp. All Rights Reserved. |