Our article Your Nfield login’s value on the dark web explains why access to your Nfield account is such a tempting prize for hackers. The good news is you can make it almost impossible for them to get in by deploying two-factor authentication. Adding this extra security layer to your username and password login makes your Nfield account more than 99.9% less likely to be compromised, according to research by Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft1.
This article explains the concept of two-factor authentication (2FA) and its benefits, as well as giving instructions for setting it up and rolling it out in your organization.
You’re probably already familiar with using two-factor authentication to access things such as bank, social media (Facebook, LinkedIn, Instagram) and email accounts. 2FA adds to the first factor – your email address/username and password combination – by asking for a code which can only be obtained via a physical object you have in your possession. This might be a key-like token, an office access card or an SMS message received on your mobile phone. Very highly secured systems may even require a third factor, such as a fingerprint or iris scan.Nfield accounts secured with two-factor authentication require users to enter a code (a token) generated by a standard authenticator app on a mobile phone. This has the effect of complementing something you know (your username and password) with a code obtained through something you have (your phone). It effectively blocks any hackers who have obtained your username and password from getting into your Nfield account, as they would not be able to retrieve the second factor code from the phone. Your valuable Nfield fieldwork and respondent data is thereby protected from prying eyes.
Different companies have different policies for protecting different types of data. Even if your organization doesn’t require two-factor authentication, your client’s organization might. Having it set up on your Nfield account means you’ll be compliant with every policy or project requirement.
With compliance and IT policies regularly being updated to fend off new security threats, it’s probably only a matter of time before two-factor authentication becomes a standard requirement.
2 https://www.zivver.com/blog/which-type-of-2fa-do-i-need-to-use-under-the-gdpr3 https://advisera.com/27001academy/blog/2017/01/16/how-two-factor-authentication-enables-compliance-with-iso-27001-access-controls/
Enabling this feature across an Nfield domain can only be done by domain administrators or local domain managers. The instruction to enable is located in the password policy page in the domain settings.
After enabling two-factor authentication, follow the on-screen instructions for setting up two-factor configuration. You’ll need to start by selecting and setting up an authenticator app, such as Microsoft Authenticator, Google Authenticator or others. Next, use the app to scan the QR code provided by Nfield. Once all is correctly configured, the app will provide a code which needs to be entered into Nfield to complete the two-factor authentication. It is as simple as that! Every time you log in to Nfield, you go through the same process, getting a new code each time.
Two-factor authentication will become effective across your Nfield domain within 30 minutes of being enabled. Any logged-in users will get the same prompt asked them to complete their configuration setup. Other users will get this prompt when they try to log in. Using public API (https://www.nipo.com/api-what-researchers-need-to-know) is excepted from using two-factor authentication.
To minimize disruption to your team, please plan this carefully. We recommend you consider the following:
Whether or not you feel you need it right now, we highly recommend enabling two-factor authentication for your Nfield domain, to enjoy better security protection and gain more benefits from Nfield. If you have any questions, please contact our helpdesk. And, of course, we’re always curious to get your feedback via your account manager.
Get notified when we publish new handy tips and important news about Nfield
© 2021 NIPO | Privacy | Cookie disclosure | Sitemap