Using two-factor authentication in Sitecore Personalize
If your organization uses Sitecore Cloud Portal, team members with an Organization Admin or Organization Owner role in Cloud Portal can enable 2FA for all Sitecore apps.
If your organization does not use Sitecore Cloud Portal, you can apply Two-Factor Authentication (2FA) to provide an additional layer of security to just your Sitecore Personalize account to ensure that you're the only person who can access your account. With 2FA, whenever you sign in to your Sitecore Personalize account, you must have your password and one verification code that the Google Authenticator application generates.
The benefits of 2FA are:
-
Protects against stolen or weak credentials.
-
Protects against remote attacks by requiring a code from your smartphone, in addition to your password.
-
Increases the security of all the Personally Identifiable Data (PII) that your organization captures.
2FA can be rolled out across your organization, making it mandatory for any user to log into their account. To enable this, contact your Sitecore representative. If 2FA has been enabled in your organisation, a banner displays when you log into Sitecore notifying you that 2FA is enabled. You will only have access to the Settings area of the Sitecore Personalize application until you set up 2FA. Click the Set up now button and enable 2FA on your account.
Even if your organization does not require 2FA, you still have the option to enable 2FA on an individual-basis, to protect your account. All you need is your Sitecore Personalize username, password, and a smartphone.