2 Factor Authentication Overview

Follow

Why do you need it?

Good security requires layers of protection, and because of this, Cloudbeds now supports Two Factor Authentication, also known as 2FA or two-step verification.
The Two Factor Authentication is an extra layer of security that is known as "multi-factor authentication" that requires not only a password and user name but also a code or test that only the user can confirm.
By sending a verification code to the customer’s cell phone, Cloudbeds can help protect customers from internet fraud.

Enabling 2 Factor Authentication Code and Verifying Phone Number

To enable the 2 Factor Authentication feature, navigate to your User Profile by following the steps below:

  1. Click on 'User Profile'
  2. Under 2 Factor Authentication section, click on 'Continue'

3. Choose a verification method to begin and click on Begin Verification
* Text Message / Voice Call
* Authentication App

The method used to verify will be saved for you and used as the preferred method when you log in.

For the time being, Cloudbeds supports Voice Call and SMS in English, Spanish, and Portuguese.

If you choose Text Message / Voice Call

4. Enter country code, city code and phone number. The system will send you a verification code via SMS or voice call
5. Choose between 'Text Me' or 'Call Me'

A note from Authy:

"Landlines are not fully supported yet. Although we support phone calls to verify your identity and install the Authy Chrome app to your computer, and you can then use the Authy app to log in to external accounts, we've found that if the phone call doesn't work you will be locked out and there are no other means to authenticate.  Please don't use Authy with a landline"

6. Enter the verification code sent to the phone number added on the previous step and click 'VERIFY.'
7. If you want, you can change the verification method.

8. At this point, the system displays an Emergency Code which we recommend to save or write down. If you ever lose access to your authentication device, you can use this code to access your Cloudbeds account.

IMPORANT:

  • It's not possible to view current emergency code after you close the window but you can generate a new emergency code on 'User profile' page
  • Emergency code can be used only once

9. Click on 'Complete Verification.'

If you choose Authentication App

The Authy app is a convenient and free alternative and it can be used offline and is supported on multiple devices.

You will need to download the app to your smart phone. Immediately upon downloading the app, you should enable Multiple Device functionality. Please, find instructions for this here.

When using the Authy app, you must initially verify with the mobile app, however Authy can also be downloaded as desktop app, or as an extension in Google Chrome. (Download here.)

In your myfrontdesk account when you you begin verification:

1. Enter a cell phone number (Country code, city code and phone number) and click on 'Next'
*We will not call or text the user; this phone number is used to register you as a Cloudbeds user with Authy.

2. Open your Authy app and click the plus button at the bottom of the screen 'Add Account'. This will activate your camera to scan a QR code provided on the verification page.

3. Scan QR Code and click on Next
4. When you click on the Cloudbeds Logo in your Authy app, you will find a Verification Code, please, enter the code and click on 'Verify'

If you are traveling to someplace where you will not have phone access, it is recommended download the Authy app so you can have continued access to the Cloudbeds platform.

Once you have finished one of the two processes above, the page will display 2 Factor Authentication information:

- Verified: means that you've completed the process and the code was verified successfully.
You can also see the last 4 digits of the number that you verified.

- Verify New: click on this button to verify a new authentication device.

Please Note: If a user ever needs to use the Recovery Code they should click the "Verify New" button on this page - It is not mandatory for it to be a new phone number.
In order to be secure, a user will only be able to use this code on an already verified browser.

After verification, the 2FA status will be displayed on 'Users' tab

Only Property Owners are able to see the 'reset' button

Authorization Process

This authentication is required when a users logs in from a new device. To keep your credentials safe, this authentication process will be automatically required every 30 days.

After you have protected your login credentials with 2 Factor Authentication and you are trying to login using a new computer or device:

On the login screen, after entering your email and password (1), the system will ask you for a one-time code to complete verification (2).
The code will be sent to the phone registered in the first section of this article.

Once you receive the one-time code, please enter the code in the field and click on 'Submit.' On this page, you can also choose another authentication method.

After sending 3 text messages at a one-minute interval, the system prompts you to wait one minute before requesting again.

Using Emergency/Recovery Code

If you ever lose access to your authentication device (i.e. phone), click on 'Use Recovery Code' on verification screen to gain access to your account.

The user can perform 5 attempts to enter the emergency code. If the system does not allow you to make further attempts, please contact our support: support@cloudbeds.com

After getting access to myfrontdesk with the recovery code - you will be redirected to the 'User Profile' page to re-verify a device. The 2 Factor Authentication modal will automatically open.

The user may close the window, however closing this modal will be noted in the activity log. It is the user’s responsibility to verify a new device after using the emergency code.

Association Users and Logging FAQ
Can association users and admins enable 2Factor Authentication? What is the process of verification for them?

When a user is logged in as association user, the user can verify his phone number on any property. After he verifies the phone number on any of the association properties, he can access any property in the association. The association user does not need to verify multiple times even if he has access to multiple properties.

The 2FA logging for association users is located in the Association section and will not be logged in each property's activity log.

  • When all properties in an association have 2 Factor Authentication enabled, then association users will be redirected to the 'User Profile' page.
  • When at least 1 property in association has 2 Factor Authentication disabled, association user won't be redirected to the 'User profile' page which also means that this user can login and switch between all the accounts without verification

Even when 2 Factor Authentication is disabled for 1 of the properties within a group - association users will still have the option to verify with 2 Factor Authentication on the 'User profile' page (but it won't be mandatory)

How to Use Authy Chrome Extension

Because the Chrome extension is available in your web browser, the verification code is available to anyone who has access to the browser.

Verification with the Authy app only works on a mobile phone. But after you verify with your Authy app you can begin to access verification codes from the Chrome extension.

  1. Verify with Authy’s mobile app and turn on multi-device.
  2. Download Authy Extension from Chrome Store.
  3. Download Chrome extension. You will need to enter your mobile phone number.
  4. Verify with your existing Authy account to continue, or request a voice call or SMS to continue with registering.
  5. You will see your accounts have already been added.
  6. When asked to 2FA during log in, simply click the Authy app in the upper right hand corner of your web browser. Look for the Cloudbeds logo and copy the code.
Frequently Asked Questions
If I already verified with SMS and I want to start using Authy, do I need to re-verify?

No. If you already verified a phone number, you can simply download Authy app. Just be sure you use the same phone number in Authy as you verified with Cloudbeds. This will ensure when you sign up with Authy that Cloudbeds is added to your portfolio.

What to do if I do not have mobile phone?

If you don't have a mobile phone, you can choose the option 'Text Message / Voice Call' and register a landline. Multiple users can use the same landline phone number. However, you can not have an extension in the phone (must be a direct line).

Authy has a desktop app and a Google Chrome extension. Can I verify using these apps instead of the mobile app?

At this time, no. However, if you verify with the mobile app you can then sign in to Authy from either of these apps (desktop or Chrome extension). Alternatively, if you verify with Cloudbeds via SMS then you can download the app. When you are asked to authenticate yourself from the login screen, simply choose “Use Authy” and type the passcode provided.

What is the emergency / recovery code and when should I use it?

If you ever lose access to your authentication device(i.e. phone) for any reason, you can use the recovery code to access your Cloudbeds account.

The system displays this recovery code only once - Keep this information safe, write it down, or screenshot and save.

After gaining access to Cloudbeds with the recovery code, please verify a new phone number right away - It is not mandatory to set up a new phone number.

The emergency code can only be used on a previously verified browser (browser which was used during previous verifications), same device and same location.

What to do if I change my phone number?

If a user changes their phone number (or no longer has access to their old number) go ahead and use the emergency code.

After the first number was verified, the user can verify a new phone number. Access your 'User Profile' (1) and click on 'Verify New' (2) to enter a new phone number.

Note:

- This process will override the current number on file;
- At the moment, only one phone number can be used for authentication.

Can multiple Cloudbeds users all use the same Authy app?

It is permissible for multiple users to all use the same Authy app. However, security-wise, it is not the most advisable.

Does every user need to have a unique phone number for voice call to work?

No. It is fine if every user has the same phone number for 2FA, whether it’s mobile or landline.

Is it possible to make this feature required to all my users?

Yes. Please, visit this article to learn more about it: Security Page Overview

I forgot the number that I registered, how do I proceed?

On your User Profile page, the system displays the last 4 digits of the registered number.

Is it possible to reset the 2FA authentication process for a user?

Yes. However, only property owners have the option to reset the whole process and 'force' the user to follow the process from the beginning.

If your role is 'Property Owner' go ahead and access 'Users' tab and you will be able to see 2FA status -> click on Reset.

The user must access their user profile and follow the steps to verify.

Have more questions? Contact Support

Comments

Powered by Zendesk