Securing Community with Multi-Factor Authentication (MFA)
Security is an important aspect of any community. To provide an additional layer of security for user accounts with privileged access rights within the community (usually Admins), Khoros has introduced Multi-Factor Authentication (MFA) support for communities. MFA increases user account security by requiring additional verification factors to prove a user’s identity when signing into the community application. Khoros provides MFA via the authenticator app mechanism.
Once MFA is enabled for a community, all privileged users (identified by the system on the basis of twenty six critical user permissions) will be prompted to set up MFA for their accounts. Users will provide their mobile number, and scan a QR code to add the Khoros community account in an authenticator app of their choice (Google authenticator/ Microsoft authenticator/ Authy, etc).
When these users login to the community, in addition to their username and password, they will have to go through another layer of authentication where they will be entering a Time-based One-Time Passcode (TOTP) from the authenticator app. Post verification, the user will be logged into the community.
First time setup:
Subsequent logins:
Communities can opt for MFA. Open a Support ticket to enable MFA for your community. MFA support is currently available for non SSO communities. SSO Communities should configure MFA at their end with the SSO provider.
You can follow the links below to