Requirements

  • 'Admin' authorization

  • Mobile phone authentication app or possibility to download from the App Store.

Information only 'Admins' can enforce the use of two-factor authentication. However, all employees (users) can activate two-factor authentication for their personal Dualoo account, regardless of the company's requirements. You can see how this works here.

What is two-factor authentication?

Two-factor authentication, often referred to as 2FA, is a proof of identity of a user by combining two different and, in particular, independent login procedures.

For Dualoo, it means that you cannot log in exclusively by entering your password, but must also enter a code that is sent to the authentication app on your smartphone. These codes are one-time passwords that become invalid after a few seconds and are therefore particularly secure.

How can admins activate the two-factor authentication?

1. Go to the "Security & Data protection" menu in the "Settings".

2. Activate the checkbox "Enforce two-factor authentication per".

3. A deadline of one month is used by default. Adjust this date as desired. Two-factor authentication must be activated by all employees (users) by this date.

Until this date expires, it is possible for employees (users) to postpone setting up. After this date, it is no longer possible to log in using only the password and employees (users) who have not yet set this up will no longer be able to click away the pop-up.

4. What happens if a user does not have access to the app for authentication?

Recovery codes are created for each user when the 2FA is entered. With the help of these codes, access can be restored.

If these codes can also no longer be found, Dualoo support must be contacted and, with the clear confirmation of an admin, this employee (user) must be enabled to set up the 2FA again.

5. How can the two-factor authentication be deactivated again?

Every user can deactivate the 2FA at any time under "My Account". However, if this is enforced by the company, it must be set up again the next time the user logs in.

Did this answer your question?