What it is?
Two-factor authentication is the combination of two different components. In the case of BIMachine, it is the password set by the user and a 6-digit alphanumeric code (containing letters and numbers) that is sent by e-mail and expires in 15 minutes.
With this functionality, when you log in on a different device, you will receive an email, sms or whatsapp with an authentication code. This way, you’ll have greater security, since only you or the users who have access to the e-mail will have access to the account.
How does it work?
If the code you entered is invalid, you can rewrite it or click on “Resend code” and a new code will be sent to you. However, if the code is valid, you will be redirected to the BIMachine platform and can use the platform as normal.
Why is BIMachine using two-factor authentication?
In addition to a login and password, BIMachine now requires a code to log in with two-factor authentication. However, it is not always that the user is asked for this authentication. There are certain situations that make this login verification necessary. These include:
- New IP: When a new IP address is detected, the authentication code is requested to ensure that this is not an improper access attempt from an unknown location.
- Different device: When trying to log in on a device that has not previously been used to access the account, you will need to enter the authentication code. This helps prevent unauthorized access from unknown devices.
- Expired sessions: When a session expires and the user needs to log in again, they will be asked for the authentication code to ensure that it is the legitimate user trying to re-establish the connection.
Two-factor authentication is a security measure required in many cases for ISO certification, and is therefore a basic requirement for access to the BIMachine, as it is for many other everyday software and applications.
Implementing two-factor authentication (2FA) in BIMachine is an essential security measure. Even if someone discovers your password, they won’t be able to access your account without the second authentication factor. In compliance with the General Data Protection Act (GDPR), we ensure that users’ personal data is protected from unauthorized access, and the use of 2FA is crucial to comply with this legislation. In addition, the prevention of shared logins, as stipulated in our contract, is reinforced by 2FA, ensuring that each login is made by the authorized user.
Protection against threats such as phishing and brute force attacks is significantly improved, since 2FA requires a second factor that cannot be easily obtained by attackers. This extra layer of security provides confidence and peace of mind, allowing you to use the BIMachine platform with the certainty that your account is well protected. With these precautions, we offer a safer and more reliable environment for all our users.