Versions Compared

Old Version 78

changes.mady.by.user Eric Hatleback

Saved on

compared with

New Version Current

changes.mady.by.user Eric Hatleback

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Multifactor Authentication

VINCE accounts require multifactor authentication for obvious security reasons. This requirement is part of the reason we recommend that each user has their own individual account, as opposed to a shared team account, as the team would have to securely share the MFA token as well.

VINCE currently offers a choice of authentication options:

...

VINCE previously allowed users to perform multifactor authentication with Short Message Service (SMS) text messages. However, since November 8, 2023, the SMS option has been disabled, and all multifactor authentication must be performed using time-based one-time passwords (TOTP)

...

. TOTP requires access to a third-party application, such as Google Authenticator, Duo, or LastPass Authenticator

...

.

...

Using TOTP

  1. Select "TOTP"
  2. A QR code will be generated that can be scanned using the authentication application of your choice.
  3. Enter that temporary password generated by the application.
  4. (Optional) Give your device a friendly name.

    TOTP Token to link app to VINCE for authentication

  5. You will have two forms of confirmation that your account has successfully enabled TOTP multifactor authentication on your account:
    1. A green banner on the web page indicating success and displaying your User Profile
      Image Removed
    2. An email message confirming your MFA was successfully enabled.

Using SMS

    1. (see below), and

      Image Added
  2. Select "SMS".
    3. Enter the phone number you will use to receive text messages containing an authorization code.
  3. Use the International format as follows: + (country code) phone number
    4. If you have a United States number, please use +1 XXX-XXX-XXXX
    Enable SMS MFAImage Removed
  4. Click "Submit".
  5. Verify your account by entering the authorization code sent as an SMS
    Verify phone numberImage Removed
    You will have two forms of confirmation that your account has successfully enabled SMS multifactor authentication:
    1. Web page indicating success and displaying your User Profile
      SMS - user profileImage Removed

    2. An email message confirming your MFA was successfully enabled.



...

Authentication reset requests

MFA Reset Requests

If a user needs to reset their MFA due to lost/new device, please use the MFA reset process. The user must first login using their name and password. When the MFA prompt appears, click the "Troubleshoot MFA" link and follow the instructions on resetting the MFA. Note that if a password reset is required, this must be completed prior to any request to reset MFA.

...