Home → Arctic Reservations → Users → Two-Factor Authentication
2.3. Two-Factor Authentication
Arctic offers the ability to set up two-factor authentication for user accounts to improve security. As passwords can be unreliable, easily intercepted or exposed through phishing, two-factor authentication offers an extra layer of security by requiring a second component during the login process. Specifically, the two-factor authentication in Arctic works with an authenticator app and requires the user to enter a secure code provided by their phone in addition to their password . This is a great additional security feature, especially for higher level user accounts like "Super Users" and "Administrators" that log in from different computers regularly.
To set up two-factor authentication, first login to Arctic. Next, click your user name in the blue bar at the top of the screen to access the "User" menu. In the "User" menu choose "Security". Then select "Two Factor Authentication".
On the "Enable Two Factor Authentication" page, Arctic provides instructions and links for downloading the recommended authenticator app. Currently, Google Authenticator is the recommended authenticator app available for this feature, although there may be other options available as well. To proceed, you first need to download and install Google Authenticator app on your phone.
When Google Authenticator is installed on your phone, you will be able to set up an account to use with it. When setting up a new account to be used with Google Authenticator, you have the option to scan a QR code or to manually enter a code from the provider.
Both of these options are available on the "Enable Two Factor Authentication" page.
If you choose to enter the code manually, spacing and capitalization do not matter as long as the characters themselves are entered correctly.
Note: It is not required that you have a Google account to use Google Authenticator. The Google Authenticator app provides two-factor authentication for a range of services, and does not transmit or store information with Google regarding your accounts. If you do have a Gmail account, your Gmail account does not have to be set up to use Google Authenticator in order to set up Two Factor Authentication for your Arctic User Account. Google Authenticator can be configured to just be used for your Arctic Login.
When setting up your Arctic Reservations account in Google Authenticator, you may be asked to choose a "Time Based" or "Counter" based format. Currently "Time Based" is the only supported mode for authentication compatible with Arctic. A "Time Based" account will provide you with a new authentication code every 60 seconds.
Once you have given the account a name, the account code has been scanned or entered manually and you have chosen "Time Based" for the format, click "Next" and Google Authenticator will provide you with an authentication code. Enter this code in the "Verify" section of the page and click the blue "Verify & Enable Two Factor Authentication" to complete the Two Factor Authentication set up.
When logging on, in the future, you will be required to enter the verification code provided by Google Authenticator before you can access anything on the installation. To retrieve the code, open Google Authenticator on your cell phone and enter the provided six digit code into Arctic to complete the login process.
If the computer you are logging in from is your personal computer or is the computer you always use to log in, you can choose to remember the computer as shown above. This will make it so that you rarely have to enter a validation code when logging in from this specific computer or device (every 6-12 months, Arctic may require you re-authenticate the computer, or if you clear your cookies).
Once you enter the validation code provided by Google Authenticator, select your "Remember Preference" and then click "Validate Login", Arctic will take you to your "Dashboard".
To disable the two-factor authentication on your user account. Log in to your account and again choose "Two-Factor Authentication" from the "Security" options in the "User" menu. Then click the "Disable Two-Factor Authentication" button.
Arctic will immediately remove the two factor authentication requirements from your account. You should also remove the account in Google Authenticator. To do this click and hold the account shown in the account list. This will open the menu so you can delete the account.
If you have any questions or run into any difficulties setting up two-factor authentication for your user account, please feel free to contact support.