Security Center
      Back to home
      1. Knowledge Base
      2. Web Application
      3. Security Center

      2FA: Two-Factor Authentication 

      Two-factor authentication (2FA) requires users to provide two different forms of identification, typically a password and a verification code sent to their smartphone or email, to access their accounts.

      FL3XX supports 2FA (TOTP) at both the operator level and the individual user level. Even if "Force Two-Factor Authentication" is not enabled at the operator level, individual users can still set up 2FA for their accounts. This allows flexibility, enabling 2FA to be configured for all users, specific individuals, or a combination of both.

      Operator Level

      Individual Level

       

      Operator Level

      Important Information for Mobile Users

      When Two-Factor Authentication (2FA) is enabled at the operator level, users will receive a notification to set up TOTP. This setup can only be completed using a web browser, so it’s essential for mobile users to have access to a laptop or desktop computer when this feature is enforced.

      Operator Guidance:
      To avoid confusion or alarm among users, operators are advised to carefully plan the rollout process internally. It is recommended to communicate the steps to all users in advance and ensure they are prepared to complete the 2FA setup process.

      1. Activate 2FA in your FL3XX account at operator level:

      • Go to Settings → Configuration → Security → Force Two-Factor Authentication.
      • Ensure that the checkbox for enabling 2FA is switched on.

      2FA

      Access for Crew Members:

      • Note that crew members do not have access to enable 2FA themselves.
      • If crew members want to enable 2FA, they must contact their administrator to activate it.
      • An administrator can enable 2FA on the Settings page for the entire organization.

      2. Initiating 2FA Authentication

      • After enabling Two-Factor Authentication (2FA), users will encounter an additional security step when accessing the login page. Upon entering their username and password and clicking the login button, they will be prompted to enter a unique 6-digit code for authentication.
      • This code will be sent to your email address used for logging in.

        6code

      3. Authentication Process:

      • Upon receiving the email, users have two options for authentication:
        • Copy and paste the code directly into the login page.
        • Click on the provided link within the email to automatically redirect to the login page with the code pre-filled. 

      2faemail

      4. Mobile App Notification:
      Once 2FA is activated, users of the mobile apps will receive a notification on mobile with the following message:

      TOTP 2FA required
      Two-factor authentication has been enabled for your account. Please complete 2FA setup by logging into your FL3XX account from a web browser and following the instructions.

       


      Individual User Level

       

      IMPORTANT: 

      Users must update the following apps to the specified versions before enabling OTP-based 2FA:

      • iOS Crew and Dispatch Apps version 2.11.21
      • iOS Sales App version 4.5.26
      • iOS Owner App version 3.5.20
      • Android Crew and Dispatch Apps version 2.11.28
      • Android Sales App version 4.3.24
      • Android Owner App version 3.5.13

       

      1. Activate 2FA in your FL3XX account at individual user level:

      • Check your app is updated to the required version as per the above notice.

      • Go to your Personal Page → Access Rights Section.

      • Click the "Turn On" button to begin the 2FA setup process.

        image-png-Jan-16-2025-02-57-50-8346-PM

      • The Enable Two-Factor Authentication Setup page will be displayed.


        image-png-Jan-16-2025-02-58-10-1527-PM

      • Use an authenticator app (e.g., Google Authenticator, Twilio Authy, Microsoft Authenticator) to scan the QR code displayed on the setup page or enter the provided code manually into your app.

      • After scanning the QR code or entering the setup code, click Next

      • Enter the 6-digit code generated by your authenticator app into the validation field.

        image-png-Jan-16-2025-02-59-00-4499-PM

      • Once the code is verified, your 2FA setup is complete.

        image-png-Jan-16-2025-03-00-53-2453-PM

       

      2. Logging In with 2FA

      • After activation, when you log in to FL3XX, you will be prompted to enter the 6-digit code from your authenticator app.image-png-Jan-16-2025-03-01-51-6015-PM

      • After entering the code, you will gain access to the FL3XX platform.

      3. Backup Login Option

      • If you lose access to your authenticator app, click "I don’t have access to my authenticator app" on the login page.

      • You will receive a backup code via email. Ensure your username is a valid email address or that your email is added to the Contacts section on your Personal Page.

      4. Remember Me Option

      • If you check the "Remember Me" box during login, the 2FA code will remain valid for 30 days as long as cookies are not cleared.image-png-Jan-16-2025-03-02-43-7726-PM

      • Clearing your browser cookies will require you to re-enter the 2FA code on your next login.

      5. Disabling 2FA (TOTP)

      You can disable 2FA at any time directly from your Personal Page. Follow these steps:

      • Go to the Access Rights Section in your Personal Page and click "Turn Off"

        image-png-Jan-16-2025-03-07-46-1897-PM

      • A Disable Two-Factor Authentication window will appear.

      • Enter the 6-digit 2FA code from your authenticator app and click "Disable 2FA". Once the code is validated, 2FA will be disabled.

      • If you no longer have access to your authenticator app, click "I don’t have access to my authenticator app" on the Disable window.image-png-Jan-16-2025-03-08-17-5975-PM

      • A 2FA code will be sent to your registered email address.

      • Enter the code from your email to validate and disable 2FA.