Two Factor Authentication

Two Factor Authentication (2FA) is an alternative method for LMS access, enabling registered users to efficiently and securely restore forgotten login credentials without administrative intervention. This is an optional feature that can be enabled and disabled by an LMS Portal Administrator at any time.

The standard process for LMS Password Reset remains. The Forgot Password link is still available for portals using 2FA, and it continues to be a good option for those users who recall their username and email address.


Feature Overview

Two Factor Authentication helps registered LMS users get to their home page by presenting challenge questions that are difficult to answer without deep personal knowledge of the user. Once enabled, the LMS login page will offer a new link, Forgot Username. 
 
When a user does not remember the username associated with her account, 2FA can identify her by first name, last name, and either her location code or her email address.  The option to use location or email address as an identifying parameter is determined by the setting chosen on the LMS Information page. Once identified, the system presents two security questions to authenticate the user. When the user answers those questions correctly, they are redirected to the LMS home page. From there, users can view or edit their username, email address, and change their password, if necessary.

This document provides information and instruction for both portal administrators and students.


Portal Administrator Guide to 2FA

This section contains the information needed to enable or disable Two Factor Authentication, in addition to important support-related information about the feature. 

Configuring Two Factor Authentication

Portal Administrators have the ability to enable or disable 2FA for their LMS portals using the following steps:

  1. Log in to a portal administrator account.
  2. On the left navigation menu, select Site Management => LMS Information
  3. On the LMS Information page in the LMS Configuration section, check the 2 Factor Authentication box to enable 2FA. Remove the check if you are disabling the feature.
  4. From the dropdown list next to the 2 Factor Authentication box, select either Email or Location as the additional identification parameter you wish to enable.
  5.  Click Submit.
    Image of the LMS Configuration page options for two factor authentication

Note: Once you turn it on, 2FA is immediately active in your LMS. All users will be required to set up Challenge Questions when they next log into the system.  If you select Location as the additional identifier, note that your users who use 2FA to recover their access to the LMS will need to be aware of their Location Code. If you select Email, the user must use the email address associated with their LMS account. Latitude strongly urges Portal Administrators to communicate all the necessary information about the use of Two Factor Authentication to their user base prior to enabling it.

Support Information About Two Factor Authentication

For support purposes, Portal Administrators can view a user’s authentication questions and answers from the General Info tab of the user’s account. The information is display-only and cannot be altered by a portal administrator unless he or she impersonates the user, an action which requires sensitivity to the potential  impact on the user account.

If a user fails the Challenge Questions six times, the authentication process is terminated and the user is returned to the login screen. They must contact the Portal Administrator for additional help.

Student Guide to 2FA

This section contains information on how students set up Challenge Questions and use 2FA to access the LMS.

Setting Up Challenge Questions

Once 2FA is enabled, the first time a user logs into the LMS they will be required to set up two Challenge Questions on the Personal Security Questions page. The questions available are a standard list provided by Latitude.  

  1. Select two Security Questions and provide your Answers in the free text fields below each question.
  2. Click Submit. The questions and answers will be stored with your account information.



To modify your Challenge Questions and answers at any time after your first login:

  1. Log in to your account.
  2. Open My Details tab.
  3. Under the General Information section, make desired modifications to questions and answers.
  4. Click Submit.


 

Using 2FA When You Forget Your Username

If you can't remember your LMS username, you may have difficulty resetting your password, which requires such information to identify your account. If Two Factor Authentication is enabled, it provides you a process for getting into the LMS without contacting your administrators.

To access your LMS home page using Two Factor Authentication:

  1. On the login page, click Forgot Username  This will only appear for portals that have enabled the feature.



  2. The "Need more help" popup window appears and requires information that can be used to identify your account. These entries are not case-sensitive, but must otherwise match your account data exactly.



    a.)  Enter your First Name and Last Name as they appear in your LMS account.
    b.)  Enter your Location Code or Email, depending on your 2FA Configuration. The location code represents your profile location in the LMS. If you have multiple profiles, the system will look for the specified location in all of them. If you must enter your email, it must be the address associated with your LMS account.
    c.)  Click Submit.

  3. Once your account is identified, you must answer both Security Questions and then click Login.



  4. The system returns you to your LMS Home Page. Review your account information under My Details. You may also reset your password from that page.