Table of Contents
Users Set-up and Log-in with 2FA
Introduction
What is Two-Factor Authentication (2FA)?
Two-factor authentication (2FA) provides an additional layer of security to your accounts and increases your protection against unauthorized access. It significantly decreases the risk of a hacker accessing your online accounts by combining your password (something you know) with a second factor, like your email (something you have).
The Importance of Two-Factor Authentication
- Enhanced Security: 2FA reduces the risk of unauthorized access by making it more difficult for attackers.
- User Verification: It ensures that the person trying to access the account is the actual user.
- Protection of Sensitive Data: It provides an extra barrier to protect sensitive data and information.
Enable 2FA Security (company-wide)
To enable 2FA for your Aborgold database:
- Navigate to and click the Set-up (gear) icon in the top navigation bar.
- Click on Settings.
- Click Security on the right-side navigation.
- Enable "Enable 2FA Security's Toggle
Once enabled, all users will be prompted to enroll in 2FA the first time they log in after this change.
Delay 2FA Enforcement
To enable Delay 2FA Enforcement for your Aborgold Users:
- Navigate to and click the Set-up (gear) icon in the top navigation bar.
- Click on Settings.
- Click Security on the right-side navigation.
- Toggle On "Do you want to delay 2FA enforcement?" option.
After enabling 2FA Security and and setting an enforcement date:
-
Before the enforcement date:
When a non-2FA-authenticated user logs in, they will see an option to Continue without 2FA. If selected, they can access the Dashboard without setting up 2FA. However, a 2FA Setup Reminder modal will appear on future logins, reminding them of the enforcement deadline.
-
On or after the enforcement date:
Non-2FA-authenticated users will be required to complete the 2FA setup flow before accessing the Dashboard. The option to skip 2FA will no longer be available.
Restrict Domains:
This option allows you to control which email domains can be used for Arborgold user accounts and 2FA authorization code emails. To restrict domains, enter the allowed email domain(s) in the Restrict Domain field, using a semicolon to separate multiple domains (e.g., enter @arborgold.com for johndoe@arborgold.com and @gmail.com for johndoe@gmail.com).
Users with excluded domains, such as "@aol.com," will not receive 2FA authorization codes, which enhances security and impacts new account creation with those domains.
User Login with Two-Factor Authentication (2FA)
A step-by-step guide to setting up and logging in with 2FA in Arborgold.
1. Log In to Arborgold
-
Navigate to your Arborgold login page.
-
Enter your username and password.
-
Click Login.
2. Enable Two-Factor Authentication (2FA)
-
After logging in, click Enable Two-Factor Authentication.
-
Verify your email address with a one-time verification code:
-
The email shown is pulled from your Arborgold User Profile.
-
Important: You must have access to this email to proceed.
-
⚠️ Note: Changing the email here will also update it in your User Profile.
-
-
Enter the verification code sent to your email.
-
Click Verify.
3. Set Up SMS as 2FA (Recommended but Optional)
-
Choose one of the following:
-
Skip SMS Setup: Click Continue to proceed without SMS and set up later.
-
Configure SMS 2FA:
-
Enter your phone number for SMS verification.
-
Click Send Code to receive a text message.
-
Enter the verification code and click Verify.
-
Click Continue, then Done.
-
-
4. Confirmation & Future Logins
-
-
You’ll receive a confirmation email that 2FA is enabled.
-
On future logins, your browser will store authentication in cookies for convenience.
- You will be able to log in for the next 30 days without providing the second authentication method.
-
User Account
Your user account settings enable you to customize your profile, strengthen security, and maintain current information. To access the User Account page, navigate through Profile Settings → Settings → User Account → Upload Photo. Here are the essential features you can manage:
-
Upload Profile Photo:
Add or update your profile picture to personalize your account. Here is how you can update that:
- Go to Profile Settings → Settings → User Account → Upload Photo.
- Select an image and confirm.
- To remove it, click "Remove Photo".
-
Update User Name: Your username is what you enter when you login and others identify you on the platform. Here is how you can update that:
-
-
Enter a unique username (not already in use).
-
Complete 2FA verification (if enabled).
-
Save changes.
-
⚠️ Note:
-
-
Usernames cannot be blank or already taken.
-
Changes take effect immediately.
-
-
Update Email Address: Keep your email updated for account recovery and notifications. Here is how you can update that:
-
Enter a new, unique email.
-
Verify via 2FA (SMS or Authenticator App).
-
Save changes.
-
⚠️ Note:
-
-
Invalid or duplicate emails will be rejected.
-
Updating your email revokes 2FA linked to the old one.
-
-
Update Password: Regularly updating your password helps secure your account. Here is how you can update your password:
-
Enter a new password.
-
Confirm it and verify via 2FA.
-
Save changes.
-
🔒 Security Tip:
-
Use a strong, unique password.
-
You’ll be logged out after changing it.
2FA User Settings:
Manage your two-factor authentication (2FA) settings to bolster account security. To access the 2FA Settings, navigate through Profile Settings → Settings → 2FA Settings. Upon initially enabling 2FA:
- Your email will be designated as the default preferred authentication method.
- You have the option to add SMS as an additional verification method.
To configure SMS Method:
To set up SMS as an additional verification method (if it wasn't configured during your initial 2FA setup at login), follow the provided instructions in the settings.
-
Go to Security Settings → Two-Factor Authentication
-
Click "Configure" under Manage dropdown for Text Message (SMS)
To Set SMS as Your Preferred Method:
-
Go to Security Settings → Two-Factor Authentication
-
Click "Set SMS as Preferred"
-
Log out and back in for changes to take effect
✅ What happens:
-
You'll see: "SMS is now your preferred 2FA method"
-
SMS will be marked as "Preferred" in your settings
-
Email will remain available but won't be used first
To Set Email as Your Preferred Method:
-
Go to Security Settings → Two-Factor Authentication
-
Click "Set Email as Preferred"
-
Log out and back in for changes to take effect
✅ What happens:
-
You'll see: "Email is now your preferred 2FA method"
-
Email will be marked as "Preferred" in your settings
-
If SMS was previously preferred, it will become secondary
Disabling SMS Authentication
If you want to remove SMS verification:
-
Go to Security Settings → Two-Factor Authentication
-
Click "Disable" next to the SMS option
-
Log out and back in for changes to take effect
✅ What happens:
-
You'll see: "SMS two-factor authentication has been disabled"
-
Your phone number will be removed from active 2FA methods
-
Email will automatically become your preferred method
Important Notes
-
You must always have at least one 2FA method active
-
Changes require you to log out and back in to take effect
-
We recommend keeping multiple methods enabled for backup
Troubleshooting and FAQs
How do you disable two-factor authentication (2FA) for all users on the Arborgold Site?
To deactivate Two-Factor Authentication (2FA) for all users on the Arborgold site, go to the Set-up icon > Settings > Security. On the Security page, toggle the 2FA Enabled option to OFF. Once disabled, users will no longer be prompted to enroll in 2FA for their accounts.
Can we enable or disable Two-Factor Authentication (2FA) for a specific user?
No. 2 Factor Authentication (2FA) is a sitewide setting; once enabled, it will be mandatory for all users to enroll in 2FA. There is no option to enable or disable 2FA for specific users of Arborgold.
How do users resend the 2FA verification code?
To request a new verification code, click the Resend Code button after clicking the Login button. Users can check their email inboxes for the new code and enter it on the verification code page to proceed. Users can request a new verification code after 60 seconds of receiving the previous code.
How long does the verification code remain valid before it expires?
The verification code is valid for 10 minutes and will expire if a new code is received within the 10 minutes.
Is there a maximum number of attempts for 2FA verification codes?
Yes, five (5).
What if a user exceeds the maximum number of attempts for verification codes?
If the user enters an incorrect verification code more than five times, their account will be temporarily locked for 60 minutes. After 60 minutes, the user can try logging in again or contact the Arborgold User Admin to request that the account be unlocked during the 60-minute locked period. The user will receive an email notification informing them their account has been locked.
How to Unlock a Locked User Account?
If a user account becomes locked, there are two steps to unlock it and regain access.
- Wait 60 minutes to attempt to log in again. By default, the user account will automatically unlock after 60 minutes of reaching the maximum number of attempts.
- Contact your Arborgold System Admin and request that they unlock your account by accessing the Admin Portal and making the necessary changes to your user account.
- Navigate to the User Menu (square icon) in the top navigation.
- Click User Admin.
- The Locked column will show that the employee's account is locked.
-
- Right-click on the employee line that needs to be unlocked.
- Select Unlock Account from the dropdown.
Option 2:
-
- Double-click on the locked employee to open their employee record.
- Click on the Unlock Account toggle.
