Last week I shared with you how you could help us in securing your data: use two-factor authentication when you log in to your Nerdio desktop. As a reminder, you get a one-time passcode via text that you enter after you enter your username & password.
With our commitment to security, we are now introducing two-factor authentication for our Nerdio Admin Portal users as well. It’s part of a major feature we have released called “Enhanced security”. This new layer of security on the portal works in two ways –
- Only users from whitelisted IP addresses are allowed to log in to Nerdio Admin Portal
- Users that log in from a non-whitelisted IP address are required to go through a two factor authentication process
We don’t want the second factor in the authentication process to become burdensome for known and trusted users. In order to know who these known and trusted users are, we look up the IP address from which they visit the portal website.
You, as an administrator, must specifically tell us that the IP address can be trusted. In other words, you must whitelist the IP address. If you aren’t visiting from the whitelisted IP address then we will send a passcode via text message to your mobile number.
Which brings me to my next point: make sure you have entered your mobile number on your account profile in Nerdio Admin Portal. See instructions below:
Enhanced Security is not enabled in your account by default. Only administrators can enable it and add the whitelisted IP addresses. Follow instructions in this knowledge base article. I encourage you to start using Enhanced security as soon as possible.
PS: If you are looking to read up and learn about two-factor authentication, here’s a good blog post I found that explains it quite well: https://heimdalsecurity.com/blog/start-using-two-factor-authentication/. Just to be clear, we are in no way related to or endorse the author or Heimdal Security.