Two Factor Authentication helps registered LMS users get to their home page by presenting challenge questions that are difficult to answer without deep personal knowledge of the user. Once enabled, the LMS login page will offer a new link, Forgot Username.
When a user does not remember the username associated with her account, 2FA can identify her by first name, last name, and either her location code or her email address. The option to use location or email address as an identifying parameter is determined by the setting chosen on the LMS Information page. Once identified, the system presents two security questions to authenticate the user. When the user answers those questions correctly, they are redirected to the LMS home page. From there, users can view or edit their username, email address, and change their password, if allowed access to the Account page by their portal administrator.
Note: The standard process for LMS Password Reset remains available by default. The Forgot Password link is available for portals using 2FA, and it continues to be a good option for those users who do recall their username and email address.
For portals that allow user access to the Account page, some prefer to use 2FA for both username and password issues and no longer want the Forgot Password link to show on the login page. By contacting Latitude Support, the Forgot Password link can be removed and the 2FA-related Forgot Username link can be renamed “Forgot Credentials” or “Forgot Login Information”.
Portal Administrators have the ability to enable or disable 2FA for their LMS portals using the following steps:
Note: Once you turn it on, 2FA is immediately active in your LMS. All users will be required to set up Challenge Questions when they next log into the system. If you select Location as the additional identifier, note that your users who use 2FA to recover their access to the LMS will need to be aware of their Location Code. If you select Email, the user must use the email address associated with their LMS account. Latitude strongly urges Portal Administrators to communicate all the necessary information about the use of Two Factor Authentication to their user base prior to enabling it.
For support purposes, Portal Administrators can view a user’s authentication questions and answers from the General Info tab of the user’s account. The information is display-only and cannot be altered by a portal administrator unless he or she impersonates the user, an action which requires sensitivity to the potential impact on the user account.
If a user fails the Challenge Questions six times, the authentication process is terminated and the user is returned to the login screen. They must contact the Portal Administrator for additional help.