Two Factor Authentication
Add an extra layer of security to your user accounts by using Two-Factor Authentication (2FA). Insight supports the use of an authenticator app like Google Authenticator or Authy. Typically, this app runs on your mobile phone. It generates 6-digit codes, which are entered during login, in addition to a password.
Enable Two-Factor Authentication for user login
Unless 2FA is enforced at school or Trust level, each user needs to enable Two-Factor Authentication for their account, via Account > User Profile.
Next, click Enable Two-Factor Authentication.
Now follow the instructions to scan the QR code with your authenticator app of choice. Enter the code from your authenticator app into the text box under Step 2 and click Next.
If successful, you will be presented with your recovery codes. Note these somewhere safe. They allow one-time access in the event that you lose access to your authenticator device.
Account Recovery
If you lose your recovery codes and your authenticator access then you will need to contact a user in your school or trust who has Admin access and ask them to disable Two-Factor Authentication for your account. This will enable you to get access to your account and then re-enable Two-Factor Authentication once logged in.
Admin users can disable Two-Factor Authentication for a user by accessing the Manage Staff screen and editing the user.
Enforce Two-Factor Authentication for the school or Trust
Admin users can enforce use of 2FA for all users in the school. Similarly, Trust admin users can enforce use of 2FA for all users in all schools in the Trust.
To do so, open the Account menu > Admin > Two-factor authentication in the Users section
Tick the box labelled Require two-factor authentication for all users and click Save.
