Two-Factor Authentication

You can enable Two-Factor Authentication in Exchange Reporter Plus to secure all logins. Exchange Reporter Plus supports five modes of authentication. You can choose one or more methods that work best for you; if you configure multiple login modes, the technician is given the liberty to choose one method from the list. To enable Two-Factor Authentication:

  1. Go to the Settings tab.
  2. Navigate to Admin → Utilities → Two-Factor Authentication.
  3. Click the button corresponding to Two-Factor Authentication to enable this feature.
Note: You can also disable this feature for all technicians at any point of time using the same steps. Click the same button again to disable it.

Two-Factor Authentication settings

Supported authentication methods

Exchange Reporter Plus supports the following authentication methods:

Email Verification

Technicians can receive verification codes from Exchange Reporter Plus via email, which they can enter to log in to the product. To enable the Email Verification method:

  1. Go to the Email Verification drop-down.
  2. Select Enable Email Verification.
  3. Modify the Subject and Message content as required.
  4. You can also attach other attributes, like username or codes, to the message by clicking the Macros option in the bottom-right corner.
  5. Click Save.
Note: This setting fetches values from the already configured email server in Exchange Reporter Plus. If you haven’t already configured an email server, you can click the Configure Now option corresponding to Email Verification to add email server details.

SMS Verification

Technicians can also receive verification codes from Exchange Reporter Plus via SMS. To enable the SMS Verification method:

  1. Go to the SMS Verification drop-down.
  2. Select Enable SMS Verification.
  3. Modify the Message content as required.
  4. Note: Please note that if the message exceeds 160 characters, the notification will be dispatched in two or more text messages.
  5. You can also attach other attributes, like username or codes, to the message by clicking the Macros option in the bottom-right corner.
  6. Click Save.
Note: This setting fetches values from the already configured SMS server in Exchange Reporter Plus. If you haven’t already configured an SMS server, you can click the Configure Now option corresponding to SMS Verification to add SMS server details.

Google Authenticator

If your organization uses Google Authenticator for security purposes, Exchange Reporter Plus supports that too. To enable the Google Authenticator method for verification:

  1. Go to the Google Authenticator drop-down.
  2. Select Enable Google Authenticator.

Duo Security

To enable the Duo Security verification method for Exchange Reporter Plus:

  1. Go to the Duo Security drop-down.
  2. Select Enable Duo Security.
  3. Enter the Integration Key, Secret Key, and API Host Name of your Duo Security account.
  4. You can also enter the Username Pattern if required.
  5. Click Save.
Note: If an enrolled user is deleted in Duo Security, it is mandatory to also remove the user's enrollment in Exchange Reporter Plus and reconfigure it.

RADIUS Authentication

When RADIUS Authentication is enabled, end users can use their username and password in the RADIUS server to log in to Exchange Reporter Plus. To enable the RADIUS Authentication method for Exchange Reporter Plus:

  1. Go to the RADIUS Authentication drop-down.
  2. Select Enable RADIUS Authentication.
  3. Enter the Server Name or IP Address and Server Port.
  4. Note: By default, the server port used is 1812.
  5. Enter the Authentication Scheme, Secret Key, and Username Pattern for your RADIUS server.
  6. You can also choose a Request Time Out value for the server if you prefer.
  7. Click Save.
Note: When high availability is enabled, please add Exchange Reporter Plus' virtual IP address in the RADIUS server client machine.

Other features

Once the Two-Factor Authentication settings are configured, technicians will be prompted to enter the necessary credentials for a second mode of authentication at the next login.

Two-Factor Authentication login window

On choosing the Trust this browser option, a technician will not be prompted to enter credentials related to the second authentication factor for the next 180 days while accessing Exchange Reporter Plus from the same browser.

Copyright © 2021, ZOHO Corp. All Rights Reserved.