The Importance of Two-Step Verification in MagicINFO

Many businesses neglect the adoption of Two-Factor Authentication (2FA) in their operations. This exposes them to higher risks of cyber attacks.

For MagicINFO users, activating One-Time Password (OTP) which is a method of 2FA, is a highly advised step which will help protect their system against unauthorised access.

This article will explain the straightforward yet impactful ways that OTP/2FA can fortify MagicINFO's security, helping protect your business's valuable digital content. But first...

What is 2FA?

Two-factor authentication (2FA) is a security process that adds a second verification step to confirm a user's identity when accessing an online account. After entering a username and password, users must provide additional proof of identity.

This could be a code received via SMS, generated by an authentication app, or even biometric data like a fingerprint or facial recognition.

In the case of MagicINFO, a code (one-time password, OTP) is sent directly to the user after the initial password login, which must be entered to complete the login process.

Why is 2FA Important? How Does It Help?

As we discussed, 2FA enhances security by adding an extra verification step in the login process. This method helps protect accounts even if a password is compromised.

If a cybercriminal obtains your password, they still need the second verification factor. This can be a code from your phone, a biometric sign, or a security token to access your account. This makes unauthorised access significantly more difficult, safeguarding sensitive data within systems like MagicINFO from potential breaches.

How To Turn ON Two-Step Verification in MagicINFO

Activating 2FA in MagicINFO is as easy as clicking a few buttons. Here is how to do it.

1. Log in to your account with a server administrator role (required) and go to Settings > Server Settings > Password Policies.

• Password Expiration Period - Specify the duration after which a password must be renewed automatically. Meaning users will be prompted to change their passwords after the selected period. Most companies choose the 1-month option.
• Prevent Password Reuse - Forbids a user to use the same password after it expires.
• Password Change after Login - When an admin creates a new user and assigns them an initial password, that user receives a pop-up window prompting them to change it and use their own password.
• Two-Step Verification (OPT) - Enable the function for each user on the MagicINFO installation.

Now, when a user attempts to log in, they must set up their verification method.

There are various authenticator applications available. In this example, we will demonstrate how Google Authenticator, the most popular option, can be used for receiving one-time codes to log into MagicINFO.

3. Install and open the Google Authenticator app on your mobile device. Then, add the service by clicking the plus icon.

4. Click "Next" in MagicINFO, then scan the provided QR code using the Google Authenticator app. Once scanned, you will receive a 6-digit code in the authenticator. Enter this code into the highlighted field in MagicINFO to proceed.

Now, when the user logs out and logs back in, they can use Google Authenticator to generate a new 6-digit code.

Conclusion

It is essential to get all MagicINFO users to work safely with the platform. That is why setting up 2FA/OTP as part of your password policy is highly recommended. Even when your password is compromised, a password alone is not enough to pass the authentication check.

There are many other ways to protect your digital signage system, which we have covered in the following posts:

• How To Protect Your Digital Signage Devices From Hackers
• 8 Security Steps To Protect Your MagicINFO Server From Hackers
• How to Enhance Digital Signage Security with SSO / AD Integration

Additionally, we provide a Checkup Service where our experts will review your MagicINFO setup, identify security gaps and provide solutions to fortify your entire digital signage network.