Two-factor Authentication (2FA)

Two-factor Authentication (2FA) enhances the security of your Luma Skill Builder account by requiring a second login step in addition to your password. This extra step ensures that your account remains secure, even if your password is compromised. 2FA leverages a time-based One-Time Password (TOTP) generated by a supported authenticator app on your smartphone such as Google Authenticator, Twilio Authy, Microsoft Authenticator, or any other TOTP (Time-based One-Time Password) app. By enabling and managing 2FA at the tenant level, Administrators can ensure that all users are protected against unauthorized access. The flexible recovery process ensures that users can regain access to their accounts even if they encounter issues with their authenticator app.

Enabling Two-Step Verification at the Tenant Level

This is a tenant-level configuration. To enforce 2FA, the Tenant Administrator enables the Two-Factor Authentication (2FA) flag at the tenant level.

<image>

Once this flag is activated, 2FA is mandatory for all Bot builder users. Users logging into the Bot Builder must complete a two-step verification process. The User cannot disable it on their own, ensuring that all accounts are consistently protected.

User Registration for Two-Factor Authentication (2FA)

Once 2FA is enabled at the tenant level, users will need to register for 2FA during their next login.

Initial Registration

1. Upon logging into their tenant in Bot Builder with their username and password, users (who have not yet set up 2FA) are prompted to register their authenticator app. Click on Register.

2. The Bot Builder will display a QR code. Scan the QR using one of the supported TOTP-based authenticator apps (e.g., Google Authenticator, Twilio Authy, Microsoft Authenticator). Alternatively, you can manually enter a setup key provided by the Bot Builder into their authenticator app.

3. Upon scanning the QR code or entering the setup key, the authenticator app generates a 6-digit TOTP code. Enter this code in the Bot Builder to complete the registration.

4. Once verified, your 2FA setup is complete. For all future logins, a TOTP code will be required.

Subsequent Logins

After the initial registration, do the following to log in:

1. Enter your login credentials.

2. Once the password is authenticated, you will be prompted to enter the 6-digit code generated by the authenticator app.

3. Once the TOTP code is verified, access is granted to the Skill Builder.

Resetting Two-Factor Authentication

As a Tenant Administrator, you can view the 2FA configuration status for each user. If a user encounters issues with their 2FA setup, you can reset the 2FA for the user. The user must reconfigure 2FA during their next login.

To do so, the user must follow the below steps:

1. On the login screen, select the “Reset 2FA” option under the “Having problems?” section.

2. Upon selecting this option, you will receive a One-Time Password (OTP) via your registered email address.

3. Enter the OTP in the provided field to verify your identity.

4. Once the OTP is verified, the system resets the 2FA configuration for the user. The user must then reconfigure 2FA by scanning the QR code or manually entering the setup key into their authenticator app, as outlined in the initial registration process.