You can use two-factor authentication for logging into Sansan to strengthen the account security. Even if the password to the account has been leaked or stolen, unauthorized entrance by third parties can be prevented with two-factor authentication.
If you enable two-factor authentication, when you log in to the following services, in addition to your ID and password, you will be asked for your authentication code.
- Sansan Web App (when using from web browser)
- Sansan Smartphone App (iOS/Android)
Enabling two-factor authentication
Two-factor authentication can be enabled from the User settings screen of each user.
How to do the settings:
1. Install an authentication app onto your smartphone.
Please install an authentication app onto your smartphone so that you can get a passcode for when you do the two-factor authentication. The Sansan two-factor authentication function works with a time-based one-time password (TOTP) app. Please use apps like those listed below:
- iPhone ... Google Authenticator, Authy
- Android ... Google Authenticator, Authy
- Windows Phone ... Microsoft Authenticator
2. Generate the authentication code
Open up the app you installed, and then take a picture of the QR code that is displayed on the Two-factor authentication screen of Sansan.
* In this sample, Google Authenticator is being used to show how to do the settings.
Open Google Authenticator, and then tap the Plus icon in the upper right of the screen. In the lower half of the screen, a menu will come up. There, tap on "Scan barcode".
The camera will open up, so please hold the camera up to the QR code displayed on the Two-factor authentication screen. The QR code will be automatically read in, and the Sansan settings will be added.
If you cannot use the camera function of your smartphone
If you cannot use the camera function of your smartphone or if for some other reason the reading of the QR code does not go well, you can also add the settings manually.
After tapping the Plus icon on Google Authenticator, select "Manual Entry" from the menu that comes up.
On the manual input screen, in "Account" put in the email address used to log in to Sansan, and in "Key", put in the string that is displayed when you click on "Display key instead" on the Settings screen for Sansan Two-factor authentication.
The key is displayed when you click on "Display key insteaad" on the Settings screen for Two-factor authentication.
Note:
The QR code and the manually input string are important information used to identify the user. Please handle them so that they are not seen by others.
3. Confirming the authentication code
When you open up the authentication app, a six-digit number will be displayed.
Please input this number into the Two-factor authentication screen on the PC.
The number displayed on the authentication app will automatically change after a certain amount of time has passed. Please finish inputting it while it is being displayed on the authentication app.
The settings for two-factor authentication are complete.
Logging in using two-factor authentication
When two-factor authentication is enabled, after authenticating your ID and password on Sansan, you will be asked for the authentication code for two-factor authentication.
Open up the authentication app you set up on your smartphone, and then input the displayed authentication code into Sansan. To authenticate from a smartphone, access the Sansan Web App via a browser and log in to Sansan.
*If "Please input the six digit code in one-byte characters." appears after input the displayed authentication code, the time on your device may be incorrect. Try restarting your device or synchronizing the time.
With the PC version , you can save the information used in the environment, and you can skip the two-factor authentication from the second time.
* With the smartphone app, this is automatically skipped.
For system administrators: Force disable of two-factor authentication.
If two-factor authentication is made to be required, the button will say "Reset" instead of "Undo". If a user, after installing the authentication app, loses his or her smartphone, or for some other reason the user is not able to input the authentication code, the Sansan system administrator can forcibly disable two-factor authentication for the user.
Force disabling of two-factor authentication can be done from first going to "Security settings" and then to "Two-factor authentication" from the administrator settings.
Please be aware that if an administrator forcibly disables the two-factor authentication of a user, the two-factor authentication for this user will be disabled until the user redoes the authentication settings.
Troubleshooting
Q: What should I do if I entered the authentication code, but received "Authentication failed. Please confirm the authentication code and re-enter it. Check here if it continues to fail.” and I can’t go any further?
A: In this situation, the following are possible:
- A code for something other than Sansan in the authentication app was used.
- The code was entered incorrectly.
- The time on the phone showing the code is incorrect
Go through the following steps:
- Make sure the code you entered is actually for Sansan.
- Be absolutely sure the code is entered correctly.
- Synchronize the time in the authentication app or restart the phone and synchronize the time.
If none of these solve the problem, please ask your system admin to force removal of two-factor authentication.
Q: What if the 6-digit input screen appears but the Sansan code is not shown in the authentication app?
A: If you’re using a different phone, the code may have been removed from the app. Please ask your system admin to force removal of two-factor authentication.
Q: What if I checked the box to save the currently used device but I'm asked to enter the code every time?
A: You'll be asked to re-enter the code in the following cases:
- You've deleted your cache, cookies, history, etc. If your security is set to delete cookies when you close your browser, you’ll be asked each time.
- You're logging in with an incognito browser.
- You're logging in with a different browser.
Q: Why am I suddenly being asked to do two-factor authentication?
A: Your company may have made this mandatory. For details, see, "Making two-factor authentication mandatory (security settings)".
Q: What should I do if I receive a communication failure message when I enter my authentication code?
A: Your system admin may have set a device restriction and your device may not be allowed. For details, see, “Authorizing devices that can use the Mobile App”.
*"QR Code" is a registered trademark of DENSO WAVE INCORPORATED.