We Added Duo Security Two-Factor Authentication Because It Was the Right Thing to Do
We added Duo Security two-factor authentication and we feel better that we did. It was the right thing to do and the most convenient way for customers to significantly enhance their users’ security profile while using Aha! Compared to other approaches like rotating passwords or adding password complexity, it was the obvious choice.
Two-factor authentication can be used to improve the security of your account by adding another level of protection to the login process. With two-factor, a message is sent to your cellphone (or landline) during the login process. The login only succeeds if you respond to the message.
Basing security on forced password changes or complexity sounds like a good idea, but it simply encourages most folks to write the passwords down, and it does not help protect them against theft. They are still passwords at the end of the day.
Our implementation with Duo makes it easy to protect users from bad guys (and more likely just bad habits) while still accessing Aha! with ease. It’s as easy as logging in to Aha! and tapping a button on your phone to take advantage of the added security. There are no phone calls to wait for or passcodes to type in.
Here is how to get started:
1. To take advantage of two-factor, the Aha! account administrator must first sign up for a Duo Security account. There is no need to add your Aha! users to Duo manually — they will be added automatically the first time they log in to Aha! after two-factor is enabled.
2. Create a new integration in Duo. The type should be set to Web SDK.
3. The default configuration for the integration is fine. Copy the Integration Key, Secret Key and API hostname values — they will be needed to configure Aha!
4. In Aha! go to the Account settings → Account → Profile page. Enter the values from your Duo integration, enable two-factor authentication and click Update.
5. Test the authentication flow by using a different browser or a different computer (so that you can change the settings if they are wrong). In that other browser, try logging in. After entering your email address and password you will be prompted to enroll for two-factor authentication.
Two-factor authentication applies to all users in an Aha! account. Go here to learn what your users will need to do when they log in to Aha!