In this article, we will go over the new Rhombus updates for 2-factor authentication:
Two-Factor Authentication Update (2FA)
Whenever new users log in from a browser or mobile app, they will be prompted to go through a captcha and 2-Factor Authentication.
Once users have gone through this first login process, they will no longer need to go through a captcha, but they will be prompted to go through 2FA.
2FA is required for all organizations, but admins can allow users to opt out of 2FA for a period of time on trusted devices. An account-wide setting will be made available to specify after how many days (ranging from one to 365) users will need to re-authenticate.
When logging into their account, users will have three opportunities to enter the correct password before going through the captcha and 2FA process, even if they are in their opt-out period. If a user repeatedly fails to enter a valid password, that device will become untrusted. If 10 combined failed login attempts occur from any untrusted source, the account will be locked for 10 minutes for all untrusted sources. Trusted devices will still be able to log in.
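The login rules described above, modelled as a small state machine. This is an added example, not Rhombus code: the 30-day skip value, the counter resets and demotion on the third consecutive miss are assumptions, and every captcha and 2FA challenge is assumed to be passed.

```python
from dataclasses import dataclass, field

LOCK_THRESHOLD = 10      # combined failures from untrusted sources (from the article)
LOCK_SECONDS = 10 * 60   # lockout length for untrusted sources (from the article)
TRUSTED_TRIES = 3        # password tries allowed on a trusted device (from the article)

@dataclass
class Account:
    skip_days: int = 30                          # org setting, 1..365 (constructed value)
    trusted: dict = field(default_factory=dict)  # device -> {"fails", "skip_until"}
    untrusted_fails: int = 0
    locked_until: float = 0.0

    def login(self, device, password_ok, now, skip_2fa=False):
        """Outcome of one password submission at time `now` (seconds)."""
        dev = self.trusted.get(device)
        if dev is None:                          # untrusted device path
            if now < self.locked_until:
                return "locked"
            if not password_ok:
                self.untrusted_fails += 1
                if self.untrusted_fails >= LOCK_THRESHOLD:
                    self.locked_until = now + LOCK_SECONDS
                    self.untrusted_fails = 0     # assumption: count restarts after lock
                return "denied"
            self.untrusted_fails = 0             # assumption: success clears the count
            self._trust(device, now, skip_2fa)
            return "captcha+2fa"                 # challenges required on this login
        if not password_ok:                      # trusted device, wrong password
            dev["fails"] += 1
            if dev["fails"] >= TRUSTED_TRIES:    # assumption: third miss demotes device
                del self.trusted[device]
            return "denied"
        dev["fails"] = 0
        if now < dev["skip_until"]:              # still inside the opt-out period
            return "ok"
        self._trust(device, now, skip_2fa)
        return "2fa"

    def _trust(self, device, now, skip_2fa):
        # "skip 2FA for future logins" starts a per-device opt-out window
        until = now + self.skip_days * 86400 if skip_2fa else 0.0
        self.trusted[device] = {"fails": 0, "skip_until": until}
```

Failures on a trusted device do not feed the account-wide counter, which is why a flood of bad passwords from unknown sources cannot lock the legitimate user out of a device they already use.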
Summary
- Users on untrusted devices must solve a reCAPTCHA ("I'm not a robot") when entering a password; a device becomes trusted after a successful login.
- By default, 2FA will be enabled for all organizations. However, when entering a 2FA code, the user can "skip 2FA for future logins" on a per-device basis for a period of days as set by their org.
- A lockout mechanism was added when too many incorrect passwords are entered (10 for untrusted devices; a warning is given when 1-3 tries remain).
Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or support@rhombus.com.
Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or sales@rhombus.com.