
Security 2020 Multi-Factor Authentication and Security Enhancements for CAKE Admin Portal

This article will cover:



What is Multi-Factor Authentication?


Multi-Factor Authentication (MFA) is a security system that verifies a user’s identity by requiring multiple credentials. 

In CAKE, the first form is the username and password, and the second form is the unique code generated by an application on the user's mobile device. 


MFA is only for CAKE customers and not available for Advertisers, Buyers or Affiliates. 


CAKE is excited to announce a bundle of new features focused on security for our users. The major milestone in this release is Multi-Factor Authentication.



What Is Being Released: Settings


To access Settings, follow these steps:

  1. Click on the Setup icon
  2. Click on the Security sub tab
  3. Click on Settings

CAKE has an entirely new section where you can manage all of your security settings for all portals of your CAKE instance.

  • The Security sub tab was added to house all of the security-centric settings in CAKE. We migrated settings from Setup > Settings to Setup > Security.
  • Within the Setup > Security sub tab we have added the new security setting: Enable Multi-Factor Authentication. When enabled, all employee roles will be required to set up MFA on their next successful login to the CAKE Admin Portal. Users who have set up MFA will be required to enter a code from a mobile application on their phone (this requires an Authentication Application, which can be downloaded from either the iTunes or Android Store).
  • Please note: the Setup > Security > System Access sub tab is only accessible to users who have MFA enabled on their system. Please see below for instructions to set up MFA.



What Is Being Released: System Access

Once authenticated via MFA, the Setup > Security > System Access sub tab contains all features related to accessing your CAKE system:
  • IP Whitelist (previously found in the Other Lists section)
  • API keys (previously found in Permissions section)
  • The Admin API Key now has a Click to Show API Key interaction
  • Admin API Key Aliases, which let you name your API keys however you want (for example, by where you are using specific keys)


Multi-Factor Authentication Best Practice and Setup


Before you enable the Multi-Factor Authentication setting, it is best practice to execute the steps below:

  1. Download the Authenticator app on your mobile device.
  2. Establish an internal release date.
  3. Communicate that all employees must download the mobile application before the internal launch date. Note that the communication should be focused on employees, since Affiliates, Advertisers, and Buyers are not impacted by the Enable Multi-Factor Authentication setting.
  4. Enable the Enable Multi-Factor Authentication setting on the internal release date.


Upon next login attempt, all employees will be prompted with the Setup MFA Code Screen.


  1. Scan the image with the mobile app on your phone
  2. Enter the 6-digit code from the mobile application
  3. Click the Submit button
  4. You should be logged in successfully
  5. You have successfully set up MFA for your account!


Moving forward, all employee contact login attempts will require the 6-digit code after the username and password are entered.

If you are redirected back to the login screen with an invalid login message, either the username-password combination or the MFA code is not correct. The username, password, and MFA code must all be correct in order to log in once the global setting has been enabled.

Enable MFA

Once you enable Multi-Factor Authentication, users will need to use the second form of authentication to log in to your CAKE instance. Please be sure to let all employees know prior to enabling this feature, as it will force users to set up MFA on their mobile device.

Setup MFA Code

Note:

The Setup MFA Code Screen is only displayed to users who have not set up MFA yet. This screen is displayed after they have provided their username and password. If either the username and password or the MFA code is incorrect, the user will be redirected back to the login screen with a generic message saying the login was invalid.


Provide MFA Code


The Provide MFA Code Screen is displayed to users who have successfully set up MFA for their account. If either the username and password or the MFA code is incorrect, the user will be redirected back to the login screen with a generic message saying the login was invalid.
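
An added sketch, not CAKE's code, of the check behind the Provide MFA Code screen: it verifies a 6-digit code and returns the same generic message whichever factor was wrong. It assumes the authenticator app produces RFC 6238 TOTP codes (the scheme Google Authenticator and Microsoft Authenticator implement); the function names, user record and password are constructed for illustration.

```python
import base64, hashlib, hmac, struct, time

GENERIC_ERROR = "Invalid login"  # same message whichever factor failed

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1) for the 30-second window containing `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    mac = hmac.new(key, struct.pack(">Q", int(at // step)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify_totp(secret_b32, submitted, at, window=1, step=30):
    """Accept the current code or one step either side, to allow clock drift."""
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, max(0, at + drift * step), step)
        # Constant-time compare; no early exit, so every window is checked.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data: the secret is the RFC 6238 test key, base32-encoded.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
USERS = {"alice": {"salt": b"constructed-salt",
                   "pw_hash": hash_password("correct horse", b"constructed-salt"),
                   "mfa_secret": SECRET}}
# Placeholder record so an unknown username costs the same work as a real one.
DUMMY = {"salt": b"dummy-salt", "pw_hash": bytes(32), "mfa_secret": SECRET}

def login(username, password, code, at=None):
    """Check both factors every time; never reveal which one was wrong."""
    at = time.time() if at is None else at
    user = USERS.get(username)
    record = user or DUMMY
    pw_ok = hmac.compare_digest(hash_password(password, record["salt"]),
                                record["pw_hash"])
    code_ok = verify_totp(record["mfa_secret"], code, at)  # always evaluated
    return "OK" if (user is not None and pw_ok and code_ok) else GENERIC_ERROR
```

A production check would also reject a code that has already been used within its validity window and rate-limit failed attempts; both are left out here.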


Recover Account vs. Change Password

Contact Card > Recover Account button has been added to allow users to recover an account in the event that a user is unable to login. Clicking Recover Account clears the Username, Password, and MFA Code. This will require users to set a new password and set up MFA again. If you wish to only reset the user's password but not the MFA device, you can click the Reset Password/Change Password button. Note that Change Password is only displayed on your contact card.


A new system Alert for Login From New IP/Device has been added. This alert is sent to users who have logged in from a new location or device: a simple email informing the user of the login IP and device.



Downloading the Authentication App

Users can choose either the Google Authenticator or the Microsoft Authenticator mobile application. Follow the links below to download the authentication app that is required to set up MFA.