RightSignature- Mandatory enforcement of Two-factor authentication




Enforcing Two-Step Verification

By enabling this feature, you make the Two-Step Verification option available to all users on the account. Citrix strongly recommends use of Two-Step Verification as an additional layer of security to reduce the likelihood of any unauthorized access to RightSignature account.

Timelines

August 20th, 2020 onwards: Citrix RightSignature will enforce mandatory Two-factor authentication for all its users

Now Available: Opt-out from the mandatory enforcement to prevent future disruption (Not recommended)

Important!
All RightSignature accounts will default to requiring two-step verification for employee users from August 2020. Administrators will not be able to disable this setting until after the account’s Master Administrator completes a legally binding opt-out waiver.

You may find the opt-out waiver located in the Account > Settings > Account Settings section.

Once you click on the Fill out the waiver link, you are guided through the following screens:


After you have completed the opt-out waiver, ensure that the feature has been disabled by switching off the toggle button.

If you want to enable the two-factor authentication, at a later point of time, you can still do it by turning the feature on, using the toggle button shown.

________________________________________

Preview of details on Sign-in experience post August 20th mandatory enforcement!!



FAQ for standalone RightSignature users

The following section applies to RightSignature users who do not have access to any other Citrix products.

  1. What if any user doesn’t have their phone registered for Two-Step Verification?
If you are a master admin, contact Citrix Support at https://www.citrix.com/support/open-a-support-case/

If you are not a master admin, contact your account Admin. The admin can reset your Two-Step Verification from Account > Users section. You can enter their current phone number and start using two-factor authentication.


  1. What is the expiration time frame for the text / SMS or voice based passcode?
The text / SMS or voice based passcode will expire in 2 minutes.

Enabling Two-Step Verification

Two-Step Verification settings are managed at Account > Settings> Account Settings> Two Step Verification.

You are prompted to enter your country as well as the phone number you would like RightSignature to send an SMS or voice message to upon your account activation. You do not need to enter your country code, You can choose to receive either a text (SMS) message or a voice call to your provided phone number.

Pressing Send will send a code via the selected method to the provided number. Enter the code on the next screen in order to complete the setup of two-step verification. You are given the option to trust the device you are currently using. Use this if you do not want to be prompted for another verification code when using this computer and browser in the future.

Can I force my users to use Two-Step Verification?

For new users, the activation process will require that the user enter a phone number that is enabled for text message (SMS) or voice. For example:

For existing users, the user is prompted to enter the phone number that is enabled for text message (SMS) or voice on the next login from the Web App, mobile app for iOS and Android. See the Web App example:

Disabling Two-Step Verification

You can disable this feature for all users on your RightSignature account at Account > Settings> Account Settings> Two Step Verification. Please note that the opt-out waiver should be filled before disabling. Refer to the note section for opt-out waiver.

Login with Two-Step Verification

After you have set up your Two-Step Verification, you will be prompted for your verification code after logging in to RightSignature on a computer you have not opted to trust. You must enter the code you have received most recently in order to proceed to your RightSignature account. If you do not receive the code, you can select I didn’t receive a code for more options. If you are still unable to get in to your RightSignature account, please contact your RightSignature administrator.

You will see an additional option for the verification code:

Reset User Phone Numbers

Master admins requiring their phone number to be reset will need to contact support.

If a non-master admin has to change their primary phone number used for two-step verification, the account master admin may initiate the reset. To do so, navigate to Account > Users and click on the user’s name that requires the reset. This will direct you to that employee’s profile page where the master admin can click Reset two-step verification under Actions.

A confirmation message will be displayed and after clicking Reset, the user will be emailed a hyperlink that expires in 15 minutes.

After the user clicks the hyperlink in the email, they will be directed to the login page to enter their credentials. Once authenticated, they will be able to enter their new phone number and complete the two-step verification setup.

Related:

  • No Related Posts

Leave a Reply