To make it easier for you to access the dashboard when you are working remotely (outside of your whitelisted addresses), Lemon Way now provides you with the Two-Factor Authentication (2FA) option.
To log into the dashboard, you currently have to enter your credentials from a whitelisted IP address. Please read How do I whitelist a fixed IP address on the dashboard and what do I do for a dynamic IP address?
This feature enables users to login from any non-whitelisted IP address thanks to a verification code. To activate 2FA option, you will have to scan or enter the secret key from an authenticator application (Google Authenticator, or Microsoft Authenticator or any other).
❗Only available on dashboard V2❗
The activation of the 2FA feature always needs to be originated from a whitelisted IP address
- Only Administrators can allow 2FA access to other roles, but each user needs to activate 2FA from a whitelisted IP adress
Please follow these 6 steps to activate 2FA on your dashboard:
Administrators : to give the 2FA option to other roles, you must edit the Roles permissions.
On the edit page, you will need to search for Two-Factor Authentication (2FA) and add this right to the selected role.
Any user with a role that has the 2FA permission can navigate in the menu to Configuration > Two-Factor Authentication.
To activate 2FA, you need to click Activate 2FA, download and/or open an Authentication app (Google Authenticator, or Microsoft Authenticator or any other), and scan the QR code or enter the secret key manually into the application. Then, enter the verification code received on the app in the form and clic on Verify button.
Once 2FA is activated, you can also Revoke it from the same page, in case you lose your phone. Note that in case of loss of the Authenticator app, you will need to access your dashboard from a whitelisted IP address to disable 2FA.
Once 2FA is activated, if you want to log in from an unknown IP address, you will be able to do so with the verification code provided in the Authenticator app.