| Subject: | Two Factor Authentication - Enable users to use either App or Email |
| Summary: | As a failsafe, users should be able to use either Email or App authentication. having both enabled means you can use either mechanisms to log in. This is particularly important for users using Email 2FA and the Email server is down. In this case, users can enter the APP 2FA. |
| Audit Notes: | Edited by rashna on 27/05/21 08:36. Edited by sanjay on 26/05/21 16:09. |
| 17 May 2021 | 09:59AM Comment 1 by Sanjay (Link Technologies) Assigned To: Rashna (Edge Business Solutions) Followup Date: 19-05-2021 09:57 AM Time Taken: 6.00 Notes: Edited by sanjay on 18/05/21 10:45. |
| PART A - Development work for this case has been completed. 1. The change will be available in version: 12.42.0517 2. The following changes were made(Include Database object names, Program classes, and any other relevant information): - Added ability for Either Email or APP codes to be used when logging in
3. Affected Areas: - Login Form
4. The issue was caused by: - Improvement
5. Notes:
6. Next Step (Review and System Test (Developer) -> UAT (Quality) -> Documentation): UAT
|
|
| 18 May 2021 | 10:48AM Comment 2 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 20-05-2021 10:44 AM Time Taken: 8.00 |
| PART A - Development work for this case has been completed. 1. The change will be available in version: 2. The following changes were made(Include Database object names, Program classes, and any other relevant information): - When a new user registration comes through the web (User is not authenticated), the option to ENABLE EMAIL 2FA is disabled and the user is forced to use Email2FA. This will enforce users to enter valid Email Addresses.
- When creating a user from the "Global Administration" menu, the Email2FA is enabled and the user account creator can choose to Enable Email2FA
3. Affected Areas: - Create New User and New User Registration
4. The issue was caused by: - Improvement to Security Platform
5. Notes:
6. Next Step (Review and System Test (Developer) -> UAT (Quality) -> Documentation): UAT
|
|
| 19 May 2021 | 01:33PM Comment 3 by Alvis (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 21-05-2021 01:33 PM Time Taken: 1.00 |
| Documentation completed. |
|
| 24 May 2021 | 09:11AM Comment 4 by Rashna (Edge Business Solutions) Assigned To: Sanjay (Link Technologies) Followup Date: 26-05-2021 08:46 AM Time Taken: 1.00 |
| QA Results Tests carried out according to requirements specified on the case header Test Results Summary Table 1 - Summarised list of issues | No | Test Description | Pass/Fail | | 1 | Validate that "Email 2FA" is enabled by default for "User Registration" and "Create New User"
| Pass
| | 2 | Create a user new user: - Username - Jones
- Email - rashna@linktechologies.
User should be created without errors | Pass
| | 3 | Login as Jones, the security code should be emailed. User should be able to log in
| Pass
| | 4 | Set "2FA using App" for Jones
| Pass
| | 5 | Login in Jones - Use the security code sent to the email
- Use code from the app.
- User should be able to log in with either of the codes
| Pass |
Environment Details - OS version: Windows Server 2012
- Application version: 12.42.0520RC1
- Setup: Demo
- Server : 10.0.0.14
- Database:LINKSOFT-DEMO-124
Next Step: - For Closure
|
|
| 25 May 2021 | 10:51AM Comment 5 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 27-05-2021 10:50 AM |
| Thanks Rashna |
|
| 26 May 2021 | 02:31PM Comment 6 by Sanjay (Link Technologies) Assigned To: Rashna (Edge Business Solutions) Followup Date: 28-05-2021 02:29 PM Time Taken: 5.00 |
| Additional changes to TFA in V12.42.0526 - If Email and App 2FA is enabled, we do not send the code via email until the user chooses to get an Email 2FA. This is done to reduce the number of emails sent as the user may choose to use APP 2FA
Next Step - UAT |
|
| 26 May 2021 | 02:53PM Comment 7 by Alvis (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 28-05-2021 02:41 PM Time Taken: 1.00 |
|
Table 1 - Test Results
| Test No | Test Case | Pass/Fail | Comments | 1
| Login without 2FA
| Pass
|
| 2
| Login with Email 2FA
| Pass
|
| 3
| Login with App 2FA
| Pass
|
| 4
| Login with Email & App 2FA
| Pass
|
| 5
| Create a new user and login
| Pass
|
|
|
|
| 27 May 2021 | 08:35AM Comment 8 by Rashna (Edge Business Solutions) Assigned To: Sanjay (Link Technologies) Followup Date: 02-06-2021 08:31 AM Time Taken: 1.00 |
| QA Results Tests carried out according to requirements specified on the case header Test Results Summary Table 1 - Summarised list of issues | No | Test Description | Pass/Fail | | 1 | Setup 2FA using the authenticator app only. When logging in the security code from the app should be validated
| Pass
| | 2 | Setup 2FA using the authenticator app and email. When logging in the users should have the option to choose to email code
| Pass
| 3
| User should be able to log in either with the code from the email or the security code from the app
| Pass |
Environment Details - OS version: Windows Server 2012
- Application version: 12.42.0526GA
- Setup: Demo
- Server : 10.0.0.14
- Database: LINKSOFT-DEMO-124
Next Step: - For Closure
|
|
| 27 May 2021 | 10:29AM Comment 9 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 02-06-2021 10:29 AM |
| Thanks Rashna |
|