# Managing 2-Step Verification

*<mark style="color:purple;">**This feature is only available on Onestop Enterprise**</mark>*

Onestop allows you to enforce 2 step verification on your portal for certain types of users. This gives you more control of the security and flexibility of your portal in automating your process flows.

## Enabling Two Factor Authentication

To enable 2 Factor authentication:

* Go to Portals
* Select the portal
* Go to the **Advanced** tab
* Click on the "Enforce 2-Factor Authentication" Button
* You can now configure more settings for 2-Factor Authentication as described in the next paragraph.
* Click the Save Button

<figure><img src="/files/wddF1kWmxVSoj949RhLy" alt=""><figcaption><p>Enforcing 2-Factor Authentication</p></figcaption></figure>

## Managing 2-Factor Authentication Settings

Once you have enabled 2-Factor Authentication you can configure more settings. Its important to note that if you do not explicitly configure the settings you want, 2-Factor Authentication will have default behavior that may not be ideal for your organization. Configuring 2FA settings allows you to take control of the 2FA process on your portal.

To Configure settings:

* Open your portal
* Click on **Edit 2-Factor Authentication Settings**

<figure><img src="/files/fx45rj0Mit2M3qevI41d" alt=""><figcaption><p>Edit 2-Factor Authentication Settings</p></figcaption></figure>

* You can configure the following settings for 2-Factor Authentication:
  * **Verification Methods**: Choose the methods that will be used for the 2nd factor of authentication after a user has already provided their password (the 1st factor). These include Email, Authenticator app etc. *If you do not select a verification method, all of them will be available on your portal*
  * Users to enforce 2FA for: These are the groups of users in Onestop who will have to use 2FA to acccess your portal. You can choose 1 or more of the 3 broad categories of users on Onestop i.e. Clients, Workers & Administrators. *If you do not select values here, all user will be required to used 2FA on your portal.*
  * Enforce 2FA on IP Change only: Only enforce 2FA when the user logs in from a new location, tracked via their IP address.
  * Re-Authentication Duration: The duration in hours since last login after which a user will be required to provide their 2nd Factor e.g. email verification token, SMS verification code etc.
  * IP Verification Duration: The number of hours since last login from a specific IP address after which the user must provide their 2nd factor, even if they are logging in from the Same IP address.

<figure><img src="/files/rYGlZwMyURmY9HpHm0gc" alt=""><figcaption><p>Configuring 2FA Settings</p></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://admin-docs.onestop.site/portals/managing-2-step-verification.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.