You can enable two-factor authentication within your ISMS.online account to improve your login security.


Setting up two-factor authentication

Note: You will need a mobile device to hand to be able to set up two-factor authentication.

  1. Hover over your name/avatar in the top right of ISMS.online
  2. Click 'User Settings'
  3. Click 'Setup 2-factor authentication'
  4. Follow the steps on the screen to complete this. Please ensure to keep your backup code somewhere you can access it without your mobile device (the backup code is visible in step 3 of the on-screen steps).

Removing two-factor authentication

If you have access to your ISMS.online account and would like to remove two-factor authentication for your ISMS.online account:


  1. Hover over your name/image and click on 'User Settings'
  2. Click on the 'Disable 2-factor authentication' link
  3. Enter your ISMS.online password and click on the 'Disable 2-factor authentication' button


If you do not have access to your ISMS.online account and are unable to access your 2FA device, we first suggest that you attempt to log in using your backup code.


To do this:

  1. Go to https://platform.isms.online
  2. Enter your login details and click 'Sign in'
  3. Enter your backup code in the 'Authentication code:' field and click 'Authenticate'

Viewing users within your organisation with two-factor authentication (2FA) enabled

Note: You must be an organisation administrator to carry out these actions.

You can view the users within your organisation that have 2FA enabled within the registered user's area.

To do this:

  1. Hover over your name/avatar in the top right of ISMS.online
  2. Click 'Organisation settings'
  3. Click 'Registered users'
  4. Observe the '2-factor authentication' column within the Registered users listing

Disabling two-factor authentication (2FA) for users within your organisation

You can remove two-factor authentication from users within your organisation. You might want to do this if a user within your organisation has forgotten their 2FA backup code.

Instructions:

A platform administrator can carry out the following instructions to disable 2FA for a user:

  1. Hover over your name/avatar in the top right of ISMS.online
  2. Click 'Organisation settings'
  3. Click 'Registered users'
  4. Click on the name of the user that you would like to remove 2FA for
  5. Click on 'User Settings'
  6. Click 'Disable 2-factor authentication'
  7. Enter your password and click on the 'Disable 2-factor authentication' button


The user will now be able to log in without needing to enter a 2FA code.


Note: 

  • You must be an organisation administrator to carry out these actions.
  • If unable to access your 2FA device, we first suggest that you attempt to log in using your backup code.