Two Factor Authentication for TopLeft

TopLeft supports 2FA with Time-Based One Time Password (TOTP) generators. Two recommended ones are Authy (Android, Apple) and Google Authenticator (Android, Apple).

If you have 2FA enabled for your PSA you should consider enabling it for TopLeft as well to increase your security.

Enable Two Factor Authentication

To enable 2FA for your account, follow these steps.

  1. Click your name in the top right corner of the page, then click Account.
  2. Click the "Two-Factor Authentication" button to browse to the 2FA configuration page.
  3. Click "Enable Two-Factor Authentication".
  4. Proceed through the setup wizard. You will scan the QR code to your device and provide the 2FA code to finalize the setup.

Backup Tokens

Backup tokens can be used when your one-time password application isn't available. This is useful if your phone is lost or destroyed, and you need to access your account. You can generate tokens from the 2FA management options.

You need to generate new tokens before they can be used.

  1. Visit the 2FA management page.
  2. Click "Show Codes"
  3. Click "Generate Tokens"
  4. Print these tokens and keep them somewhere safe.

Disable Two Factor Authentication

To disable 2FA from your account, follow these steps.

  1. Click your name in the top right corner of the page, then click Account.
  2. Click the "Two-Factor Authentication" button to browse to the 2FA configuration page.
  3. Click the "Disable Two-Factor Authentication" button.
  4. Click the checkbox to confirm that you are disabling 2FA for your account, then click Disable.

Reset Two Factor Authentication Device

If you have lost your 2FA device, you can have an administrator disable 2FA for your account so that you can add a new 2FA device. To remove 2FA from a TopLeft user account, follow the steps below. You must have administrator privileges to perform these steps.

  1. From the main menu in TopLeft, click Admin.
  2. Click Advanced Options.
  3. Scroll to the bottom of the side menu on the left, and click TOTP devices.
  4. Click the name of the user whose 2FA device you want to remove.
  5. Scroll to the bottom of the page and click Delete.

The user's 2FA has now been disabled. They will now be able to login into TopLeft without entering a 2FA token. They should follow the steps above to add a new 2FA device.

2FA Required Mode

Admins have the option to require 2FA before users can access TopLeft boards.

When in this mode, users can not access any boards without first enabling 2FA for their accounts. They will be redirected to an access denied message, and a prompt to enable 2FA will be displayed.

  1. From the main menu in TopLeft, click Admin.
  2. Click Advanced Options
  3. Find 'SECURITY_TWO_FACTOR_AUTH_REQUIRED_MODE'
  4. Check the box to enable and hit save

You can check which users have enabled 2FA.

  1. In the main menu click Admin.
  2. Click Users.
  3. Review the list of users. A checkmark in the 2FA column means the user has configured 2FA.

 

 

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Configuring TopLeft to use ConnectWise Member API Keys

TopLeft can make changes to tickets, projects, and other records as if an individual ConnectWise...

Synchronizing Data Manually

TopLeft synchronizes data with your PSA in a few ways. In addition to real-time notifications and...

Using ConnectWise Priority Colours On TopLeft Tickets

Configuring Ticket Priority ColoursTopLeft shows the priority of a ticket by the colour of the...

Configuring Autotask Ticket Priority Colours

TopLeft shows the priority of a ticket by the colour of the bar on the left side of the card....

Configuring TopLeft to Keep ConnectWise Closed Tickets

By default, TopLeft doesn't sync closed tickets from ConnectWise Manage. This also means that any...