The purpose of this article is to explain the advantages of two-factor authentication (2FA), where it can be applied and how to set it up in CEMAR.
Since the 30th of June 2022, the option to answer security questions instead of using the 6 digit code generated by your authenticator app to log into CEMAR has been removed. If you are unable to retrieve the 6 digit code then please liaise with a Superuser or Thinkproject Support to request that the 2FA on your account is reset. This will allow you to relink your CEMAR account to your authenticator app (see guidance below on how to link) and access CEMAR.
Video content is available below.
Two-factor authentication (2FA) provides an extra layer of security to your CEMAR account, in addition to your username and password.
When 2FA is enabled, a 6-digit security code will need to be entered in order to access your account.
In order to generate the security code, your account must be linked to an external authentication application (such as Google Authenticator, for example). The app will provide the code for you to enter.
If 2FA has been enabled for your account (either by yourself during your account activation or by a superuser) you will be presented with the setup wizard below after logging in for the first time.
Please note, the below QR code is an example. Do not scan this to complete your own 2FA set up.
At this stage, you will need to have downloaded an authenticator app on your smartphone. If you do not have a smartphone, please see the section below in this article for further guidance.
To link your CEMAR account to your authenticator app, scan the QR code whilst in the app. If this does not work, there is also the option to show the manual key, which provides a code for you to enter into your app.
The accounts will link and the app will provide a 6 digit code which you can enter into the required field.
New/additional devices can be added in the Security section of the My Profile tab.
Once 2FA has been set up, you will be presented with the display below each time you log into CEMAR, after entering your username and password. Simply open your authenticator app and enter the 6 digit code provided.
Please note, the 6 digit code within the authenticator app refreshes every 30 seconds.
If you do not have a smartphone and are unable to download an authenticator app in order to set up 2FA, you may wish to download the Google Authenticator web extension, which can be found here.
Once you have downloaded the web extension, you will be able to locate the authenticator here:
From here, select Authenticator:
You will then be able to select the highlighted icon, which will allow you to scan the QR code on your screen:
Once linked, the authenticator will provide the 6 digit code that you need to log into CEMAR.
2FA can be enabled for an account at the individual's discretion, however, it can also be set up by a superuser to be a mandatory requirement to access the contracts in the system. Please note that if a superuser has set your account up to require 2FA, then you will not be able to switch this off yourself via the following method and instead should liaise with your superuser.
If 2FA is not mandatory for your account, you can switch it on/off by navigating to the My Profile on your home page once logged in.
In the Security tab, select the Activate check box:
2FA can be deactivated following the same procedure by instead de-selecting the Activate check box.
Firstly, navigate to CEMAR Admin Panel:
Next, open the relevant contract within the Contracts tab.
Within the Basic Details tab of the contract, tick the Two-factor authentication (2FA) check box:
All users with access to this contract will be required to set up 2FA and use it each time they log into CEMAR.