Our platform offers the option to enhance the security of your Kenna instance by enabling two-factor authentication. Also known as 2FA, this type of authentication adds an extra layer of security to your account by sending a one-time verification code to any supporting applications.
Anytime you sign into your Kenna account, you'll be prompted to add a verification code in addition to your password.
This document assumes that you have already created a Duo account.
Note: two-factor authentication is not supported if you access Kenna using a single-sign on (SSO) method. If you use SSO, please see our article on SAML configuration.
Configuring in Duo:
1. Within your Duo account, navigate to Applications | New Application. Select "Web SDK" and assign it a name.
2. Gather: API Endpoint, Integration Key, and the Secret Key.
3. Set Username Normalization to "Simple." Click Save.
4. Next, you'll need to add each individual user within your Kenna instance to Duo. In the left-hand tab, select Users | New User, and enter each new user's information.
NOTE: The Duo username needs to match the prefix of the email address used within your Kenna client (e.g. "john" in Duo would map to "firstname.lastname@example.org").
Enabling in Kenna:
1. In your Kenna instance, click the dropdown in the menu and select Two-Factor Authentication.
2. On the Settings screen, enter the API endpoint, Integration key and Secret Key from Duo.
3. Once you click Save, two-factor authentication is enabled for your account.
1. Whenever you sign into your Kenna instance, you will be prompted to verify authentification using your preferred validation method (push, phone, etc.)
How is 2Factor enabled, on the client-level or user level?
Two-factor is currently available on the client-level for your organization.
I know there are several two-factor authentication services. Which services does Kenna support?
At this time, Kenna only supports two-factor through Duo Security.