Two factor (2FA) autorization

Two-factor authentication (2FA) is an additional security measure on top of a valid username and password. Once logged in with a correct username and password, RetailVista ERP will still prompt for a 2FA code. This code can be generated in an authentication app on a phone. The advantage of 2FA is that even if a colleague of another colleague knows the username and password, they still cannot log in. This is because that user does not have their colleague's phone and therefore cannot provide a valid 2FA code.

The setup of 2FA is initially done by the application administrator for the entire RetailVista ERP environment. All users logging in from that moment onwards are required to go through a 2FA activation process. A choice must then be made on which phone and with which authentication app to work. Virtually all authenticator apps are free, and NedFox has had good experiences with both Microsoft Authenticator and Google Authenticator. But the standard authenticator functionality available on Apple iPhones has also proven to work well.

After logging in, RetailVista will determine that 2FA has been activated for a user and that a user has not yet been assigned a 2FA code to their user account. At that moment, a QR code is displayed on the screen, which must be scanned with the camera of a phone, from within the installed Authenticator app. From that moment on, a unique number will be displayed in the authenticator app for RetailVista ERP, which changes every 30 seconds. This is the code that must be additionally provided after a successful login. The 2FA functionality only applies to RetailVista ERP and not to RetailVista POS or RetailVista Mobile.

In company maintenance, in the 'Advanced' tab, the application administrator can activate 2FA for all RetailVista ERP users.