Open Beta Feature Release

Two Factor Authentication

With Two Factor Authentication, an Eagle Eye Networks Account can only be accessed on devices that are trusted, like a mobile phone or a computer. When a user wants to utilize a new device for the first time, that user will need to provide two pieces of information— a password and a four digit security code that must be obtained via a trusted phone number or an email address.

Once signed in, an Eagle Eye User won’t be asked for a security code on the authenticated device again unless the user signs out completely, erases the device, or needs to change a password for security reasons. When an Eagle Eye User signs in on the web, that user can choose to trust a browser so the user won’t be asked for a security code the next time that user signs in using the same browser on the same computer.

Terms

Trusted devices: A trusted device is a mobile device or a browser on a particular computer that has previously successfully signed in using Two Factor Authentication. It is a device that is known to be associated with that Eagle Eye User.

Trusted phone numbers and emails: A trusted phone number is a number that can be used to receive a security code by text. A trusted email address is the email address for the Eagle Eye User on the Eagle Eye Account.

Security code: A security code is a temporary code sent to a trusted device or phone number when the user signs in to a new device or browser.

Credentials: The email address and password of an Eagle Eye account are considered the user’s credentials.

Sign In with Two Factor Authentication

tfa-remember-me

A new item has been added to the login screen called “Remember me?”

The “Remember me?” checkbox will store the user’s email address in the browser. It does not store the password.

After entering credentials and clicking “Sign In” the next step is to select a method to receive the Security Code.

Email is the only choice the first time a user signs in who does not have a phone number listed in their user profile. A phone number can be added after successfully signing in.

tfa-email

tfa-phone

Once a phone number is verified, it can be used to receive a security code.

Example email with security code:

tfa-security-code

When a new user is added to an Eagle Eye account, an email is sent to the potential new user to verify the address. A link in the email “Set Password” must be clicked which prompts for a new password to be entered. Once the new password is entered and submitted, the new user is signed in without an additional security code. In this case, the link in the email is used in place of the security code. Normal two factor authentication resumes the next time the user signs in.

tfa-security-code-fail

If a user does not enter the correct security code after four attempts, the user’s account will be automatically disabled and an email notification will be sent to the user’s email address.

Email example when account is disabled:

tfa-fail-email

two-factor

The account can only be enabled by another user with proper permissions, which is typically the account administrator.

Adding Phone Number

A user must be signed in successfully to add a phone number. In the top right corner of the Eagle Eye web interface, click on your user name and select “My Profile.”

een-web-interface

tfa-profile

Select your country and enter the phone number.

To be accepted, enter your password and submit. This will send a security code to the phone number as a text.

tfa-add-phone

tfa-security-code-sent

Enter the security code to verify the phone number and it will be successfully saved.

The phone number will now be an option for receiving a security code when signing in with a new device or browser.

A security code is valid for 15 minutes. If the code is not successfully entered in this time, a new security code will need to be sent.

tfa-security-code-valid

Each time a new device or browser is used to sign in a new email is sent to notify the user of this activity. A link is provided to trusted devices which are shown under “My Profile.”

trusted-device-added-email-2017-02-07-12-49-40-1

my-profile-trusted-devices-2017-02-07-13-05-16

Any trusted device can be removed in the list or all trusted devices can be removed at once. A removed device will require two factor authentication if used to sign in.