Enforcing Two-Factor Authentication (2FA)


Any CoZone user can activate 2FA on their account through self-service. If desired, a company can request that this feature be enforced for all its employees by sending a ticket to their IT support email address. When 2FA enforcement is active, users from that company are prompted to activate it on their next sign-in attempt and are denied access to the CoZone account if they do not activate it.


OTP Code Delivery Methods


The 2FA OTP (one-time password) authentication code consists of 6 numeric characters, which are delivered to the user through the Google Authenticator app or the Microsoft Authenticator app. Both applications are available in the Apple App Store and in the Google Play Store. The code can also be delivered through SMS; the delivery service is provided by the third party Twilio.


2FA OTP Code Lifetime


The Microsoft and Google OTP tokens have a 30-second lifetime. After a token expires, a new one is generated instantly, as long as the Microsoft or Google Authenticator app is open.

The SMS OTP code has a 3-minute lifetime. A token stays active for its full lifetime regardless of whether other tokens were generated after it. After 3 unused tokens have been created, there is a 10-minute cool-down period during which no more tokens can be requested.



OTP Algorithms


The SMS token is generated by a cryptographically secure pseudo-random number generator. Google Authenticator and Microsoft Authenticator generate the codes using the TOTP algorithm.
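
The SMS rules from "2FA OTP Code Lifetime" and "OTP Algorithms" can be modelled as follows. This is an added example, not CoZone's code: the class name, the in-memory storage, starting the cool-down when the third unused code is issued, and discarding all outstanding codes after a successful check are assumptions.

```python
import hmac
import secrets

OTP_DIGITS = 6           # page: 6 numeric characters
OTP_LIFETIME = 3 * 60    # page: SMS code lives 3 minutes
MAX_UNUSED = 3           # page: cool-down after 3 unused codes
COOLDOWN = 10 * 60       # page: 10-minute cool-down


class SmsOtpIssuer:
    """Per-user SMS OTP state (hypothetical class, in-memory storage assumed)."""

    def __init__(self):
        self.issued = []           # (code, issued_at) for codes not yet used
        self.unused_count = 0      # codes issued since the last successful check
        self.cooldown_until = 0.0  # no new codes before this timestamp

    def request_code(self, now):
        """Return a new 6-digit code, or None while the cool-down is active."""
        if now < self.cooldown_until:
            return None
        # secrets draws from the OS CSPRNG; randbelow avoids modulo bias.
        code = f"{secrets.randbelow(10 ** OTP_DIGITS):0{OTP_DIGITS}d}"
        self.issued.append((code, now))
        self.unused_count += 1
        if self.unused_count >= MAX_UNUSED:
            # Assumption: the cool-down starts when the third unused code is issued.
            self.cooldown_until = now + COOLDOWN
            self.unused_count = 0
        return code

    def verify(self, candidate, now):
        """Accept any unexpired code once; newer codes do not revoke older ones."""
        self.issued = [(c, t) for c, t in self.issued if now - t < OTP_LIFETIME]
        for code, _ in self.issued:
            # Constant-time comparison so timing does not leak matching digits.
            if hmac.compare_digest(code.encode(), candidate.encode()):
                # Assumption: a successful check discards all outstanding codes.
                self.issued.clear()
                self.unused_count = 0
                return True
        return False
```

Timestamps are passed in as seconds so the lifetime and cool-down can be exercised without waiting.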


User Notifications


Users receive an automated email notification when 2FA is activated on their account.