Overview
As part of our ongoing commitment to enhancing security, deverus is introducing Multi-Factor Authentication (MFA) for CRA admin logins within the deverus platform. This update will add an additional layer of protection by requiring a One-Time Password (OTP) for certain actions within the admin module. The updated release date is August 29, 2024. Below, we outline what is changing and what remains the same with this update.
What’s Changing
-
One-Time Password (OTP) for Email Changes
- When a CRA admin user needs to change their email address, an OTP will be sent to the new email address. The change will only be finalized once the OTP is verified.
- Additionally, a notification email will be sent to the user’s previous email address to inform them of the email change.
-
OTP for New User Activation
- Newly created CRA admin users will remain inactive until they verify an OTP sent to their registered email. Only after successful verification will the user be activated.
-
OTP for Sign-In
- Each time an admin user logs in, an OTP will be sent to their registered email address. This OTP must be entered correctly to complete the sign-in process.
-
IP Address Change Notification
- If an admin logs in from a different IP address than previously used, they will receive an email notification. This email will include the IP address and a general location (e.g., city or region) of the new login.
- The user will be prompted to contact support if the login was not initiated by them.
-
Email Verbiage and Sender Details
- All OTP-related emails will be sent from
no-reply@screening.services
- All OTP-related emails will be sent from
- OTP via SMS Text
- By popular demand, we've introduced the option to receive One-Time Passwords (OTP) via SMS text to your phone. Although a registration feature isn't available in the platform yet, you can request to switch to SMS OTP delivery by submitting a support ticket with your US phone number and sign-in username. Please note, once SMS OTP is enabled for your account, all OTPs will be sent via text instead of email.
Conclusion
These changes are designed to enhance the security of the CRA admin module by requiring an additional step of verification through OTPs and providing better notifications for unusual login activities. We encourage all users to familiarize themselves with the new workflow in advance prior to the release, which has been rescheduled for August 29, 2024.
If you have any questions or require further assistance, please contact deverus support.
Comments
0 comments
Please sign in to leave a comment.