/
Switchvox - Using Multi-Factor Authentication

Switchvox - Using Multi-Factor Authentication

Owned by Bob Young, created
Jan 17, 2025
5 min read

Table of Content

Overview

MFA enhances security by requiring additional verification information, known as authentication factors, alongside the username and password. These factors typically include one-time passwords (OTP), which are 6-digit codes sent to the user via email, SMS, or a mobile application. A new OTP is generated for each authentication request. Multi-Factor Authentication serves as an additional security measure, necessitating one extra verification factor beyond the standard username and password.

Enabling MFA 

After logging into the admin UI on Switchvox, go to Setup>Admins>MFA Settings

Now, toggle the MFA button to enable MFA and confirm by selecting the “Enable MFA” button.

Configuring MFA

Once MFA is enabled, by default it will be in the admin section, as shown below on a freshly installed Switchvox. 

The Extensions section will look like below,

Configuring Email-id

Configuring Extension

Download backup Codes

Once the email-id/Extension is configured for the user/extension, it is advisable to download the backup codes for that user by Clicking the “+” icon under “Backup Codes” column. These backup codes will help when there are no authentication emails received via email or third-party authenticator app failure or call failure scenarios.

 

Note: Any configuration (either Email or Extension) is mandatory while MFA is enabled. 

Authenticating User/Extension

Authentication using Email

When we enable MFA by toggling the Enable/Disable MFA button, we get a new popup, as shown below, where we need to provide Email for getting OTP via Email or to get the third-party authenticator app configuration link. 

 

 

When the admin/extension user tries to login, after entering the proper credentials, now the admin UI login page will display 3 options for authentication.

Select the appropriate authentication method, if email is selected, then there is an email sent to the configured email-id, which contains the OTP.

Note: This OTP is valid only for the next 5 mins

 Enter the OTP front the email to authenticate login,

After successful authentication, the admin UI will be accessed.

Authentication using Call

When a call is selected, the Switchvox system will trigger a call to the configured extension,

The extension will get a call from Switchvox as “MFA Auth” 

Once answered, we need to press “1” after the beep, then the authentication will be complete, and the admin UI will be accessible.

Authentication using Third-party Authenticator Apps

The other option to authenticate a login is via a Third-party authenticator app, like Google Authentication or Microsoft Authenticator App. For this method to work, the user should have an email-id set. When this method is chosen for authentication, the user will get an Email, which contains the Secret key for the authenticator app, which should be configured on the user's mobile device. 

After successful configuration of the app on a mobile device, the App will have a 6 digit number, which will be regenerated every 30 seconds. A User should use this 6 digit number for authentication before they expire.

Resetting MFA

At any point in time, if the admin needs to reset MFA for user/extension, all MFA methods, third-party app secret, backup codes, OTP emails sent, or authentication calls in progress can be reset here by clicking the reset button under the Reset MFA column, and then accepting by pressing YES button for both admin and extensions individually.

MFA Permissions for admin users

Any newly created admin users can also be allowed to edit or modify the MFA settings by enabling proper permissions to that user under the permissions tab,

Note: Any other users can’t enable/disable MFA for super admin user.

 

Unable to render {include} The included page could not be found.