Two-Factor Authentication (2FA) is an additional layer of security for the Infinity Portal. When a Primary Administrator enforces 2FA, Infinity Portal users must use an authenticator application on a mobile phone to confirm their identities before they get access to the Infinity Portal. If the authenticator application does not work, users can use SMS for 2FA.
To configure 2FA for your Infinity Portal account
-
Download one of these authenticator applications to your mobile phone:
-
Google Authentication
-
Microsoft Authenticator
-
Authy
-
-
In the Infinity Portal, open theProfile Settings page. In the upper-right corner:
-
Click the user name, or
-
Click the arrow next to the user name > Profile Settings.
The Profile Settings window opens.
-
-
Verify your mobile phone number for 2FA:
-
In the Phone field, enter your mobile phone number.
-
Click Send code.
Check Point sends an SMS to your phone with a six-digit code.
-
Enter the code in the Enter Code field.
-
Click Verify.
-
-
Optional - To r 2FA for all Infinity Portal accounts, toggle the Two-factor Authentication (2FA) switch to ON.
The Two-Factor Authentication (2FA) configuration wizard window opens.
-
Follow the on-screen instructions to connect the authentication app with the Infinity Portal.
Note - If you did not verify your phone number in the Profile Settings window, you must verify it in the Two-Factor Authentication (2FA) configuration wizard.
-
Click Finish to close the wizard.
To enforce 2FA for all users of the Infinity Portal account
2FA enforcement settings in the Identity &Access page apply to all users of this Infinity Portal account. Only a Primary Administrator can change these settings.
-
In the Infinity Portal, click > Identity & Access.
-
In the Two-Factor Authentication (2FA) section, select when to enforce 2FA:
-
Enforce Two-Factor Authentication for every login to this account -Users must use 2FA to log in with username and password and for login with SSO Single Sign-On (SSO) - A session/user authentication process that permits a user to enter one name and password in order to access multiple applications. through an Identity Provider A system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network. Acronym: IdP or IDP. (IdP).
-
Enforce Two-Factor Authentication for login with username and password - This option is selected by default.
A confirmation window opens.
-
-
In the confirmation window, click Enforce.
To reset a Two-Factor Authentication (2FA) authentication app for a user of the Infinity Portal account
An Admin or Primary Admin can reset the configuration of a 2FA authentication app (example:Microsoft Authenticator) for a user. Reset the authentication app when a user gets a new phone or has a problem with the app.
After the reset, If 2FA is required for account login, Check Point sends an authentication code in anSMSto the user's phone.Then, the user can log in to the Infinity Portal and create a new authenticator app configuration (see To configure 2FA for your Infinity Portal account).
To reset 2FA
-
Navigate to > Users.
The 2FA configured column of the table shows one of these 2FA configurations for each user:
Icon
2FA Configuration
The user does not have 2FA configured.
The user has 2FA configured with an authenticator app.
The user has 2FA configured with SMS.
The user has 2FA configured with an authenticator app and with SMS.
-
Select a user from the table and click Reset 2FA.
-
To see updated user information, click Refresh.