To strengthen security, we need to add another factor into the authentication system.

We intend to implement the following second factors into the authentication system:

1. Microsoft Authenticator

In version 12.40, we will implement Email Authentication as the second factor, followed by 2 and 3 in future versions. 

Design:

1. When a user registers, we have a checkbox that will allow the user to select if Email authentication is enforced
2. Administrators will be able to Enable/Disable the second-factor authentication
3. Once the second-factor authentication is enabled, only the Administrator can disable 
4. Two-factor authentication will not be implemented on POS as this is an on-premise system that is not accessible from external networks.

1. The change will be available in version:12.40 Development Environment

2. The following changes were made(Include Database object names, Program classes, and any other relevant information):

1. Added a flag on User Maintenance called "Enable Two Factor Authentication - Authenticator App"
2. Added ability for a user to register for Two Factor when "changing Password". We need this at Change Password as the Account needs to be active.
3. Added ability for Administrator to Enable/Disable 2FA from User Maintenance
4. Added code to Login form to implement 2FA
5. If Email and App TFA is enabled, the APP TFA is ignored.

3. Affected Areas:

1. User Maintenance
2. Change Password
3. Create New User
4. Login Form

4. The issue was caused by:

1. Improvement and Expand 2FA

5. Notes: 
6. Next Step (Review and System Test (Developer) -> UAT (Quality) -> Documentation): UAT and Provide suggestions. Use Link247 Development Environment to test.

Hi Rashna, the purpose of "Verify QR Code" is to Verify that the AP is set up properly. It is not a mandatory step.

Alvis, please document the 2FA so the users understand the purpose of "Verify QR Code".