NEW! Two-factor Authentication (2FA)


This security feature is available to all registered workXid members.


We advise all organization administrators and safety officers to activate this feature to best protect your organizations and employee data.


Two-factor authentication (2FA) has been introduced to the workXid desktop to allow an extra layer of security to - now considered old-fashioned and insecure - the simple sign-on procedure of entering a username and password.

To enable the workXid 2FA desktop feature you should first install and register the workXid app on your mobile device.


Then sign-on to your workXid desktop and follow the menu My Profile>Preferences> toggle the 2FA feature to ON.

Our implementation of 2FA sends a verification code to both your mobile device and registered email. We do not use the telco Short Message Service (SMS) to send our validation codes. On each attempt, a new access code will be transmitted.

Simply enter the 6 digit validation code when prompted.


Why workXid suggests you activate 2FA? 

With more and more massive data breaches of hugely-popular companies recorded each month, 2FA authentication is fast becoming standard procedure. And even though there are ways to get around 2FA, it is still safer than just using the old-fashioned username and password combo. To bypass 2FA, the attacker would still have to break two authentication cycles, vs. just one for usernames and passwords.


So how can you do your part to keep criminals away from 2FA? 

Pay attention to the workXid emails telling you that you attempted a 2FA access, and check if that was really you. Also, pay attention to other obvious red flags like emails notifying you of failed login attempts or password reset requests that didn’t come from you.


Sign-On Difficulty or Locked-Out?

The workXid system has a Lock-Out security feature to ensure against password hacking bots. If you are presented with this message during desktop access then the Lock-Out security feature has been activated.

When activated the security feature will lock out all sign-on attempts from the same IP address (same WiFi system). Activation occurs when the system detects more than 5 consecutive failed sign-on attempts from that same IP address. This also includes failure attempts providing a correct two-factor authentication 2FA code. All individuals attempting workXid desktop access from that same IP address will have to wait for 15 minutes to retry any sign-on. This will not impact any active user sessions already using that same IP.


The workXid desktop is designed to auto sign-off a user session after 30 minutes of inactivity. This will require the user to regain access through the sign-on process.


If you believe that you are under attack provide details to XIDCORP SECURITY



XIDCORP OPERATIONS

workXid Service Centre

Use the HELP Button!


1 person likes this
Login or Signup to post a comment