TurnKey Lender supports two-factor authentication to ensure a higher level of security for employees and borrowers using your lending platform. If two-factor authentication is enabled for the user, then by logging on to the TurnKey Lender and entering the correct password the user will be sent a one-off code (by SMS or directly to the log file in the 'trunk' project) which must be entered to log on to TurnKey Lender.
...
The use of two-factor authentication is enabled/disabled independently for Front-Office users (borrowers) and Back Office users (employees). Two-factor authentication can be enabledin the web.config file by adding the following lines.
<!-- two factor authentication for clients --><add key="Enable2FactorAuthCustomers" value="true" /><!-- two factor authentication for back end users(officers) --><add key="Enable2FactorAuthOfficers" value="true" />. Reach out to your TurnKey Lender account manager and we'll be happy to enable it for you.
If two-factor authentication is enabled for Front-Office users, it applies only to newly created accounts. This feature can't be enabled for Front-Office users created before it was turned on.
Borrowers
- Back-office settings: In order to use two-factor authentication, SMS notifications have to be activated in Settings > Integrations > SMS notifications.
2. When a Borrower's creates their first Loan Application, the System automatically initiates the creation of a new customer account.
3. When a user logs off from their customer profile, they will have to complete two-factor authentication in order to log back in.
4. In order to log on to the account, the Borrow clicks on the Login button and enters their Login (email) and Password.
5. In the Verification code box, the user has to enter the code they received via SMS text and Click Submit to complete the login process.
...
When two-factor authentication is enabled for the Back Office users, an additional checkbox appears in the Back-Office user editing window. It allows for enabling/disabling this authentication for individual users. Also, a phone number field is added. The SMS will be delivered to the phone number entered for each user.
Database
Physically, the two-factor authentication setting is in the TwoFactorEnabled field of the SecurityUsers table. The phone number for SMS delivery is taken from the PhoneNumber field thereof.
...
- The previous version of this article (in Russian / на русском): /wiki/spaces/EL/pages/38345