Volare Admin Panel provides you an with an extra layer of protection, besides passwords.
If you enable the two-factor authentication on your organization instance, your managers will be asked first for their password and then, as a second step, they will have to provide an extra code.
What do I need to enable the two-factor authentication?
First of all, you need a Volare manager account (Admin Panel account). The two-factor authentication is supported for organization and location managers.
Volare relies on Google Authenticator application for generating verification codes. So you also need a Google account and you need to install the Google Authenticator application on your mobile device.
How does it work in detail?
If you are an Admin Panel manager:
- Enter your username and password for the Admin Panel
- You'll be asked for a verification code. To get this code, you have to open the "Google Authenticator" application on your mobile phone. If you don't want to enter the code each time you log in, just check the option Trust this device for 30 days (see the note below)
- If everything is correct, you'll be authenticated
Note: the option Trust this device for 30 days will not work if you log in from a different browser than the first time, or if you frequently clear your browser cookies.
How can I enable the two-factor authentication?
To enable the two-factor authentication for your account, click on the quick access toolbar on the left Manage → Settings → Managers. From this page, find your account username (the username must correspond to the one you entered on login) and click on it. Finally, find the Enable button and click on it.
If you cannot find the Enable button, make sure that the username corresponds to the username you used on login. Otherwise, open a ticket in our Support Center.
If you are "admin" (and so you are able to create new managers in your instance), you can also enforce your managers to use the two-factor authentication.
In this case, you will see the Enable button in the page of all the managers (not only for your account). Just click it and enable this feature also for them.
Once you click on the Enable button, you need to complete the following steps before finalizing the procedure:
- Make sure you have the "Google Authenticator" application installed on your mobile device. If you are enabling the two-factor authentication for another manager, make sure that he also has this application installed and available
- Open the "Google Authenticator" application, then scan the QR code or manually enter the alphanumeric code displayed in the Admin Panel. If you are enabling the two-factor authentication for another manager, provide the owner of the mobile device with this alphanumeric code
- Save the backup code displayed somewhere safe. It will allow you to log in even if you lose your mobile device (see the related paragraph below). If you are enabling the two-factor authentication for another manager, provide him with this code
- Read the six-digit numerical passcode on your mobile device (or in the mobile device of the manager) and enter it into the Admin Panel
- Check that everything went well. The two-factor authentication is now enabled on the desired account
How does the backup code work?
If you lose your device with Google Authenticator, then you can use the backup code to access your account instead of the Google Authenticator code.
This code works like the temporary code, but it will also disable the two-factor authentication for your Volare account, so you will need to re-enable it from scratch.
I clicked the option "Trust this device for 30 days", but I am still required for the code. Why?
This happens when you log in from a different browser, or if you recently cleared your cookies.