Enforcing two-factor authentication (2FA)

Administrators can enforce two-factor authentication (2FA) for their users in iManage Share. 2FA adds an additional layer of security, supplementing the username and password model with a code that only a specific user has access to.

As an added security measure, iManage recommends enforcing 2FA for the company to ensure both internal and external users are forced to use 2FA to sign in to iManage Share.

NOTE:

For users signing in using SSO, 2FA is not enforced. However, if users using SSO have 2FA configured for their account, they are prompted for the second layer of authentication during sign in. They can disable 2FA for their account at any time.

Users signing in to iManage Share must enter their email and password as the first layer of authentication, followed by one of the following methods of 2FA:

  • Text SMS

  • Authenticator app

To enforce 2FA:

  1. Select the

    images/download/thumbnails/51164368/Blue-Down_Arrow.png

    icon next to your name at the top.

  2. Select Settings.

  3. Select Company Profile.

  4. Select images/download/thumbnails/51164368/image2019-5-31_12-43-39.png next to Two-Factor Authentication. The following screen displays an Enforce this to access company content check box with the following message:
    For users from other companies: Two-factor authentication will be enforced on external users accessing your company content.
    For users from your company: Two-factor authentication will not be enforced on users using SSO. However, if they sign in with the username and password, they need to use the two-factor authentication.
    Two-factor authentication is enforced on the iManage Share web portal only.

  5. Select the check box and then select images/download/thumbnails/51164368/image2019-5-31_12-47-28.png .

After enforcing 2FA, when you sign in again, you are prompted to set up 2FA for yourself. To set up 2FA:

  1. Sign in to your iManage Share account.

  2. You are now directed to the Two-Factor Authentication Setup page as shown below:
    Figure: 2FA set up page

    images/download/attachments/51164368/2FA.png

  3. You can choose one of the following options to configure 2FA:

    • Use Text Message: If you prefer to add the second layer of authentication using SMS, select Set Up. From the Specify Mobile Phone Number dialog box, select your country from the country code list and enter your mobile number. The six digit authentication code is sent to this mobile number.

      NOTE:

      • The first six digit code you receive is the set up code, which you must provide to complete the 2FA set up. Subsequently when you sign in, the code you receive on your phone or shown in the Auth app is the verification code. The SMS verification code is valid for 5 minutes.

      • If users do not have access to their mobile phone or are unable to receive the text SMS, they can select images/download/thumbnails/51164368/image2019-5-21_15-6-4.png and then select images/download/thumbnails/51164368/image2019-5-21_15-2-1.png . The verification code will then be sent to their email address. This email verification code is valid for 10 minutes.

    • Use Authenticator App: If you prefer to add the second layer of authentication using Time-based One-Time Password (TOTP) Authenticator applications, select Set Up. The Authenticator App Setup dialog box appears.
      Figure: Authenticator App Setup dialog

      images/download/attachments/51164916/Untitled_copy.png

      • iManage Share supports common TOTP (Time-based One-Time Password) Authenticator applications including, but not limited to:

        • Google Authenticator

        • Authy

        • Duo

        • Microsoft Authenticator

    • Scan the barcode shown in the Authenticator App Set up from your authenticator application. If you are unable to scan the barcode, select images/download/thumbnails/51164368/image2019-5-21_20-23-38.png . A 32 digit unique code is generated. Enter this code manually in to the authenticator app on your phone, the app the generates a six digit code. Enter the six digit code generated in authenticator app in the Verification Code field below and select Submit to complete the 2FA set up.

      NOTE:

      • The images/download/thumbnails/51164368/image2019-5-21_20-27-2.png check box must be selected only if you are accessing iManage share from your personal computer and the same is used constantly. If you are accessing iManage Share from public computers, do not select the images/download/thumbnails/51164368/image2019-5-21_20-27-2.png check box. After selecting the images/download/thumbnails/51164368/image2019-5-21_20-27-2.png check box, users are not prompted to go through 2FA for 30 days from your last sign in.

      • All trusted devices are cleared when users reset their password.

An email notification is sent to you indicating that you have successfully set up 2FA.

At any given time, if you wish to change your mode of authentication for 2FA, perform the following steps:

  1. Select the

    images/download/thumbnails/51164368/Blue-Down_Arrow.png

    icon next to your name at the top.

  2. Select Settings.

  3. Select My Profile.

  4. Select images/download/thumbnails/51164368/image2019-5-31_12-43-39.png next to Two-Factor Authentication.

  5. You are directed to the Two-Factor Authentication Setup page where you can choose the alternate mode of authentication.

An email notification is sent to you whenever you make changes to your 2FA set up.