2-Step Verification Guide for Organization Administrators
2 Step Verification at a glance
- Compatibility with devices: 2-Step Verification can be used with iOS, Android, Windows and Blackberry 7 mobile devices, and on Windows computers.
Affects users’ accounts: You can apply 2-Step Verification at the project or organization level, but it affects users’ accounts. A user who has 2-Step Verification at either level must always use 2-Step Verification to log in to Aconex, even if certain parts of the system (for example, certain projects) don’t require it.
Setup Wizard: When you apply 2-Step Verification, affected users will be prompted to set up the authenticator app on their devices through a Setup Wizard the next time they log in.
Using 2-Step Verification
2SV can only be used after it has to be set up by your Org Admin, and they have enabled the permission for your role. Please talk to your Org Admin for more information.
Applying additional security in your organization
As the Organization Administrator, you control how 2-Step Verification is applied within your organization and the projects it owns.
You can apply 2 Step Verification across your organization by granting access to certain user roles.
We recommend you do this in stages, so that you can help users understand the need for the additional security, and get set up.
This setting takes effect immediately. The next time the affected users try to log in, they’ll see the 2-Step Verification Setup Wizard. This steps them through setting up a mobile device or computer with an authenticator app.
Users will need to use the authenticator app every time they log into Aconex from this point on. So if they access Aconex from multiple computers, for example, they’ll need to either set up the authenticator on a mobile device, or set it up on every computer from which they want to access Aconex.
If users want to set up multiple devices, they’ll need to set them all up at once, as the Aconex “secret key” they need to enter into each authenticator app can only be shown once, at setup, for security reasons.
Applying 2 Step Verification to a project
You can apply 2 Step Verification to a project you own in the project’s Preferences.
As soon as a user is invited to join a project that uses 2-Step Verification, they will no longer be able to access any Aconex projects on that Aconex instance without using it.
Keep in mind that if you apply 2-Step Verification to a project, every collaborator on that project, including people outside your organization and those working with them through Aconex, will also need to use 2-Step Verification every time they log into Aconex.
We recommend you work with your project community to develop a 2 Step Verification rollout plan before you implement this feature. Your Aconex representative can help you with this plan.
Resetting and removing user enrolment
Note that disabling an account that uses 2-Step Verification won't have immediate effect on mobile devices unless the user has logged out of their account on their mobile device. Otherwise, it may take up to 24 hours for their mobile account access to be disabled.