Enable 2-Step Authentication for a Domain
The ability to secure and lock down email accounts is crucial in today’s online world, and with 2-Step Authentication, users can secure their accounts with an extra layer of protection.
2-Step Authentication is a method of providing a second verification of account ownership before a user can log into their account or connect to third-party clients and/or devices. For example, when a user has set up 2-Step Authentication for their account, the SmarterMail login page will require their primary account password and a secondary verification of account ownership before the user can log into webmail. The second method of verification will be provided to the user through popular authentication apps, like Google or Microsoft Authenticator, or through a recovery email address. In addition, SmarterMail will automatically generate strong “application passwords” that will be used to connect the SmarterMail account with third-party applications, such as email clients.
2-Step Authentication must be enabled in two places before a user can set up their preferred authentication method:
a) A System Administrator must enable the feature for the domain, and
b) A Domain Administrator must enable the feature for their users.
1. Enable 2-Step Authentication as a System Administrator
The 2-Step Authentication feature must be enabled for a domain before a Domain Administrator can enable or force 2-Step Authentication for their users. Follow these steps to enable 2-Step Authentication as a System Administrator:
1. Log into SmarterMail as a System Administrator.
2. Click on the Manage icon.
3. Click on the domain to edit its configuration options.
4. On the Features card, enable 2-Step Authentication.
5. Click Save.
2. Enable 2-Step Authentication as a Domain Administrator
After the 2-Step Authentication feature has been enabled for a domain, a Domain Administrator can enable or force 2-Step Authentication for their users. Follow these steps to enable or force 2-Step Authentication as a Domain Administrator:
1. Log into SmarterMail as a Domain Administrator. (If you're logged in as the System Administrator, simply click on the Manage button within the domain's configuration options, then select the Domain Administrator account to impersonate.)
2. Click on the Domain Settings icon. Then click on General in the navigation pane.
3. On the 2-Step Authentication card, change the Status to Enabled or Forced. If Enabled, users will have the option to set up 2-Step Authentication within their Account Settings, if they choose. If Forced, users will be required to set up 2-Step Authentication on the SmarterMail login page.
NOTE: Forcing 2-Step Authentication will disconnect any third-party clients/devices that the user has configured. Before forcing 2-Step Authentication, we advise notifying users of the change and providing details on how to set up 2-Step Authentication and configure their third-party accounts.
4. Click Save.