Two-Factor Authentication (2FA)
Two-Factor Authentication (2FA) – NEON
We have introduced a Two-Factor Authentication (2FA) mechanism in NEON to improve platform security. With this feature, users will need to verify their identity with an email-based One-Time Password (OTP) in addition to their username and password. This ensures that even if login credentials are compromised, unauthorized access will be blocked.
Purpose
The purpose of this implementation is to enhance the security of the NEON platform by requiring an extra layer of authentication.
- Admins can enable/disable 2FA for themselves and other users.
- End-users can manage 2FA directly from their profile settings.
- Customers can also configure 2FA within the Customer Panel.
2FA Setup Options
- 2FA Setup in Admin Panel
- Admins can enable or disable 2FA.
- From Admin → Edit Users, Admins can enable 2FA for specific users.
- 2FA Setup in User Profile
- Each user will have the option to enable or disable 2FA from their Profile Page.
- 2FA Setup in Customer Panel
- Customers can log in to their Customer Panel → Edit Profile → Enable/Disable 2FA.
OTP Validation Rules
- If the OTP is incorrect or expired, an error message is shown.
- A Resend OTP option will be available.
- Users cannot proceed to the dashboard without entering a valid OTP.
- All OTP-related activities are logged for audit purposes.