Two-factor authentication (2FA)

Lucca provides several methods for you to authenticate yourself with our solutions.

Protect your Lucca account with the 2FA option

Two-factor Authentication (2FA) adds an extra level of security to protect your Lucca account in the event of password theft. This option enhances the security of password authentication, where you use your login and password to validate your identity.

This security technique strengthens the protection of your Lucca account by adding a second identification step: sending a single use code by email.

Validate your identity in two steps

When you log in to your Lucca account with the 2FA option enabled, we request that you: 

Step 1: Enter your login and password

mceclip0.png

Step 2: Enter a single use code sent by email

Interface for entering the security code sent by email

mceclip2.png

Example of a security code sent by email

mceclip1.png

How to activate the 2FA option on your Lucca account

Only administrators can activate the 2FA option to be applied to all user accounts. You can find this feature in the Authentication & SSO administration interface: 

Advanced options > Enable two-factor authentication (2FA)

"Advanced options" in the Authentication & SSO administration interface

mceclip3.png

Once this option has been activated, all user sessions will be terminated (with the exception of SSO sessions). The next time you log on, you will need to choose a 2FA email address, which we will use to send you a security code.

This 2FA email address can differ from the business or personal address entered in your employee file.

Note: This feature is not available on mobile apps.

Connect to Lucca with the 2FA option

First connection 

Autonomous user account initialization from the login page

mceclip0.png

When you log on to our solutions for the first time, you can configure your account using the "First login" button on the login page. An account initialization email will be sent to your business email address.

You will then be asked to choose a password and provide a 2FA email address, to be used as a second authentication factor.

Which actions require validation of the second factor?

A security code will be systematically sent by email when you request to perform a "sensitive" action on your Lucca account

- Login to account

- Change your account password

- Change the 2FA email address associated with your account

How can I change the 2FA email address associated with my account? 

Access "My account", to manage the password and 2FA email address

mceclip4.png

In the "Login information" section, you can change your password and your 2FA email address, used as a second authentication factor

mceclip5.png

How do I reset a Lucca account protected with the 2FA option?

Once this option has been activated, users can no longer reset their account independently from the login page. Only administrators are authorized to perform this action.

User file, "Login" section

mceclip6.png

As an administrator, you can reset an account from the "Login" section of the user's profile, then click on "Reset password".

You can choose from:

  • Send a reset email to the employee
  • Generate a temporary single use password

 

 

Page content

Was this article helpful?
1 out of 2 found this helpful