Two Factor Authentication

2-Factor Authentication adds a second layer of security beyond the password for logging into PCRecruiter. It requires the user to have both their username and password, and access to an additional account or device to verify their identity. This feature will affect login to the PCRecruiter Web, PCRecruiter Mobile, PCR for Google, and PCR for Outlook.

Setup

An Administrative user in PCR will have to activate 2FA for each username individually. You can Activate 2FA by doing the following:

  1. Verify that your database has a working general SMTP account in the Outgoing Mail Settings.
  2. Open SYSTEM
  3. Open Users
  4. Select Manage Users
  5. Select a Username
  6. Click the Security option.
  7. Open the Security Policy section, if it isn’t already expanded.
  8. Click “Two Factor Authentication Setup”
  9. Click the Box to Enable
  10. Check any or all of the different methods you would like to allow that user to use for receiving authentication codes (described below).
  11. Save

The next time that user attempts to log in, they will be prompted with the 2FA Login.

Functionality

  • Upon entering the correct Username and Password combination the user will be prompted to select from the available Authentication Methods
  • A numerical Authentication Code will be sent to their email or app as selected.
  • After entering Code they will be allowed to log in to PCRecruiter

Methods of Receiving Authentication Codes

Email

Using this method, PCRecruiter will send an email containing a 7-digit numeric code to the Email Address stored in the User Record.  (System > Users > Manage Users > Username > Information > Contact Information > Email Address)  The user will have five minutes in which to enter the code in order to complete the login process. The email address is used as the alternate authentication method if the other options have been turned on but not connected.

Push Notifications

Using this method, PCRecruiter will send a code via Push Notification to the PCRecruiter mobile app. The user must have successfully logged into the PCRecruiter App at least once for this method to work. The app does not need to be open to receive the code, but the app’s notifications must be enabled. If the app’s cache has been cleared or the app has been uninstalled and reinstalled, the user must log in again before 2FA will work.

Authenticator App

Using this method, PCRecruiter will prompt for a numeric code generated by an associated Authenticator App or browser extension, such as Google Authenticator, LastPass, etc. To establish the initial connection with an app:

  1. Click the Settings gear icon next to the user icon at the top, right-most corner of the PCRecruiter main interface.
  2. Click ‘Add to Authenticator’
  3. Use the ‘Add’ option in the authenticator app of your choice to take a picture of the QR code presented on the screen.

A “Reset” button is available on the 2FA Setup screen. This button will clear the connection to the Authenticator app in the event that the user has lost their device or wants to re-connect the Authenticator from scratch.

Once configured, a PCRecruiter authentication code will be visible in the authenticator app. This code can be entered into the form to complete the 2FA login.