New In This Release
Two Factor Authentication and Configurable Session Timeouts
Two Factor Authentication can now be enabled for Nrby portal users. When two factor authentication is enabled, a Nrby portal user will be presented with the login screen below.
After entering the correct username and password, the user will be emailed a six digit PIN as the second factor for authentication. That email will come from email@example.com and look like this:
And it should be entered into the next screen in the portal login process, that looks like this:
Like many two factor authentication systems, Nrby offers each user the ability to generate and save their own personal backup codes. While logged in to Nrby, click on the dropdown menu in the upper right corner, and then click on the first cell with the username and customer name (pictured below).
The next screen is the settings screen for that user. Two factor authentication can be enabled here for that user. The user can also click on the Generate Two Factor Backup Codes button after enabling two factor authentication.
Generating backup codes will invalidate any existing backup codes. So if previous codes have been printed or saved to a PDF for future use, those should be discarded when new ones are generated.
Backup codes, as explained in the next dialog, are codes that can be used in place of the emailed 6 digit PIN. These codes can only be used once. The codes must be printed or otherwise saved by the user because they will not be visible again after dismissing the dialog which displays them.
Nrby supports a Customer setting to force portal users with the ‘Customer’ role to use two factor authentication. When the ‘Force Two Factor Login’ setting is enabled, two factor authentication is automatically enabled for Portal users with the ‘Customer’ role. Those users can not disable two factor authentication as long as the Customer Setting is enabled. Portal users with the ‘Customer Admin’ role can enable two factor authentication on their account (or other Customer Admin accounts) manually by editing the user.
Nrby also supports a configurable Portal Inactivity Timeout setting (also depicted in the screenshot above). This setting controls how long the portal may be inactive for before the portal user is automatically logged out. The default timeout is now 90 minutes. This is the best value to use if you want a long timeout but still depend on new SmartPins created by mobile devices to automatically appear on the Nrby portal map without having to refresh the screen. Longer timeout settings may require you to refresh the Nrby screen to see new SmartPins created by mobile devices.
Account Locking after Failed Authentication Attempts
If a portal user fails to login after five attempts, Nrby will automatically lock that user’s account and email them a link to unlock their account. That email looks like this:
Clicking the unlock link from your email reader will unlock your account and bring you to the login page, where you can attempt to login again.
Note, the ‘Forgot your password?’ link and ‘Didn’t receive confirmation instructions?’ link still exist. In addition there is a new ‘Need to unlock your account?’ link. Pressing this link will cause the Nrby server to (re)send the unlock email to you.
NOTE: only the most recent unlock and PIN emails will work, and they will only work once. Once the unlock link has been clicked, and fails for some reason, you must receive a new link. If you have multiple PIN emails, only the most recent one will work.