At Labguru, the security and protection of your data is of the utmost importance to us. We understand that the confidentiality, integrity, and availability of your data is critical to the success of your business. To further enhance the security of your account, we will be implementing two-factor authentication (2FA) starting January 16th, 2023. We are pleased to offer this service at no additional cost to our valued customers.
What is 2FA and why is it important?
Two-Factor Authentication (2FA) is a security measure that requires users to provide two forms of identification when logging in. The first form is typically something that the user knows, such as their username and password. The second form is something the user has in their possession, such as an authenticator app or security key on a trusted device. By requiring multiple forms of identification, 2FA makes it much harder for common threats like phishing attacks and account takeovers to succeed.
As the global threat landscape continues to evolve and attacks that can harm businesses and exploit consumers become more common, it is increasingly important for businesses to implement strong security measures. Multi-Factor Authentication (MFA) is a simple and effective tool for improving login security and protecting businesses and their data from security threats. In particular, as businesses adapt to remote work environments, MFA can be a valuable tool for safeguarding against potential threats.
What is the Labguru 2FA requirement?
Two-Factor Authentication (2FA) is required for all users who log in to Labguru through the user interface. This requirement does not apply to users in organizations that access Labguru through Single-Sign-On (SSO) services.
When does the 2FA requirement go into effect?
The requirement begins on January 16th, 2023, when logging in to Labguru, you will be prompted to activate 2FA if it is not already active. If some users need more time to enable 2FA, there will be a grace period of 30 days during which logging in without 2FA will still be allowed.
How will 2FA affect me?
To log in to Labguru, you will need to provide a PIN number generated by a Time-based one-time password (TOTP) authentication app installed on your mobile device. You can use any app that generates temporary codes based on the OATH TOTP algorithm (RFC 6238). Some popular options include Google Authenticator, Microsoft Authenticator and Authy. These apps can be downloaded from the different Apps Stores.
What happens if my mobile device is lost or inoperative?
After enabling 2FA, you will receive five emergency codes that can be used to log into Labguru in case you are unable to use 2FA for any reason. It's important to store these codes securely! Additionally, you can always request a 2FA reset from your Labguru administrator, which will allow you to set up 2FA again during your next login.
I do not have access to mobile devices where I use Labguru, what do to?
You can download desktop authentication applications (such as 1Password, Okta or Authy). If using Mac, you can activate 2FA from the 'Passwords' menu in the computer's preference menu.
Can I use a password manager as an alternative to 2FA?
While a password manager can be an important part of your overall security strategy, it should not be used as a replacement for Two-Factor Authentication (2FA). Password managers can help encourage the use of strong, unique passwords and encourage users to change them on a regular basis, but passwords alone are not enough to protect against unauthorized access to accounts. This is because passwords can be compromised through common threats like phishing attacks, credential stuffing, and malware. Only by requiring two forms of identification through 2FA can you truly enhance login security.
Where can I get more information about MFA/2FA?
Check out the following links for more information on MFA and 2FA: