Secure device access is critical when working with personally identifiable information.

Users verify their identity by entering their credentials (username and password). This ensures that only authorised users can access the app and the data it contains.

Two Factor Authentication (2FA) adds an additional layer of security by requiring users to provide a second form of authentication. This is a verification code sent to their mobile device or email depending on the system configuration, in addition to their login credentials. This helps prevent unauthorised access even if a user's login credentials are compromised.

Configuration options

• Set Two Factor Authentication (2FA) communication method (SMS or email)

• Set Two Factor Authentication (2FA) request time period (default 2 weeks)

Pre condition

User has an account

Triggers

User enters their username and password

Standard flow

1. Navigate to OpenCRVS instance address eg. www.farajaland-opencrvs.org

2. Enters username

3. Enter password

4. Click ‘Login’

5. If Two Factor Authentication (2FA) required (…)

   1. User checks their email for 2FA code

   2. User checks their phone for 2FA code

6. User enters 2FA code

7. User click ‘Verify’

8. User shown loading screen

9. User successfully logged

Post conditions

• User is logged into their account

• User audit updated to show user logged in (time, ip address and device,

Variations/Exceptions

• Error if username and password combination not recognised

• Error if 2FA code is not valid