Two-factor Authentication (2FA)

Posted almost 3 years by Xidcorp Limited

  • Pinned Topic
Xidcorp Limited
Xidcorp Limited Admin


This security feature is available to all registered workXid members.


We advise all organization administrators and safety officers to activate this feature for increased breach protection of your organizations and employee data.


Two-factor authentication (2FA) has been introduced to the workXid desktop to allow an extra layer of security to - now considered old-fashioned and insecure - the simple sign-on procedure of entering a username and password.

To enable the workXid 2FA desktop feature you should first install and register the workXid app on your mobile device.


Then sign-on to your workXid desktop and follow the menu My Profile>Preferences> toggle the 2FA feature to ON.

Our implementation of 2FA sends a verification code to your mobile device and registered email

We do not use the telco Short Message Service (SMS) to send our validation codes. On each attempt, a new access code will be transmitted.


      Enter the 6-digit validation code when prompted.



Why workXid suggests you activate 2FA? 

With increasingly massive data breaches of hugely-popular companies recorded each month, 2FA authentication is fast becoming standard. Even though there are ways to get around 2FA, it is still safer than just using the old-fashioned username and password combo. To bypass 2FA, the attacker would still have to break two authentication cycles vs just one for usernames and passwords.


So how can you do your part to keep criminals away from 2FA? 

Pay attention to the workXid emails telling you that you attempted a 2FA access, and check if that was you. Also, pay attention to other obvious red flags like emails notifying you of failed login attempts or password reset requests that didn't come from you.


Sign-On Difficulty or Locked-Out?

The workXid system has the need to ensure against password hacking bots. Therefore, a Lock-Out security feature has been activated if you are presented with this message during desktop access.

The security feature will lock out all sign-on attempts from the same IP address (same WiFi system) when activated. Activation occurs when the system detects more than five consecutive failed sign-on attempts from that same IP address. The Lock-Out feature also includes failure attempts providing a correct two-factor authentication 2FA code. As a result, all individuals attempting workXid desktop access from that same IP address will have to wait 15 minutes to retry any sign-on. The Lock-Out feature will not impact active user sessions already using that same IP.


The workXid desktop is designed to auto sign-off a user session after 30 minutes of inactivity. Auto sign-off will require the user to regain access through the sign-on process.  


If you believe that you are under attack, provide details to XIDCORP SECURITY.



XIDCORP OPERATIONS

workXid Service Centre

Use the HELP Button!

1 Votes


0 Comments

Login or Sign up to post a comment