Two-factor authentication

Note: This section applies to the Cleo Harmony and Cleo VLTrader applications only.

Two-factor authentication (TFA) is available for users when licensed for Unify in Portal. The two-factor authentication security option is available for users in the Privileges tab.

Note: Cleo Harmony only: if two-factor authentication is enabled, the user will not be able to use the Cleo Connector for Outlook.

First Time Registration:

The first time a user successfully logs in with TFA required, a notification appears with a username and password stating that an email has been sent to the registered email address with a link to complete the registration.

When the email arrives, click the link to navigate to the registration page. On this page, a wizard appears to help set up a client authenticator application. Choose a client authenticator application based on your system's needs. Recommended authenticator applications are Windows Authenticator, Google Authenticator for Android, and Google Authenticator for iOS, but any authenticator application that supports TOTP protocol will work.
A QR code and text representation of the shared key are presented. These contain the same information. Either can be used to synchronize the client authentication application with Cleo Harmony and Cleo VLTrader.
Enter the information into the authenticator application and click Next.
The verification step allows the user to test that the authenticator application has been set up properly. To test the application, enter the username, password, and code from the client authenticator application. Click Test. Upon successful verification, a success message appears, and the Finish button is enabled.

The user can now log into the system using two-factor authentication. Navigate to the login page and follow the Daily Use instructions below.

Daily Use:

Enter the username and password and click Log In. A dialog box appears with a field labeled TOTP Code (time-based one-time password).

Enter the code received from the client authenticator application and click Submit Code.

If the code is valid, login is successful.

Resetting TOTP Key:

To the right of the input field in the TOTP Code dialog is a Reset Key link. Clicking this link will deactivate the user's current two-factor authentication setup, send a new registration email to the user's email address, and instruct the user to reregister at login. Follow the first time registration process outlined above to set up the authenticator again.