Two Factor Authentication Overview

In order to help ensure the data that you enter into your Softrip back-office applications is more secure, Softrip now offers a two factor authentication process. Two-factor authentication increases security by requiring you to enter a temporary code each time you log in to your account. This verifies that the person logging in to your account not only knows your password, but also has access to the device on which your two-factor secret code is stored.

NOTES

SoftripNet authentication does not support 2FA, it is only supported in SoftripNext authentication.
If your Softrip instance uses SoftripNet authentication, it will have to be updated and reconfigured to use SoftripNext authentication instead.
Reach out to your Softrip contact on how to update these settings.
If you are using SoftripNet (legacy) reservations, ask your Softrip support contact to review the STServerWeb setting IsPassThruLoginEnabled and the STServer setting PassThroughSession. If those setting are not set correctly, 2FA requirements will not take effect.
Ask your Softrip contact to check for required table UserLockout

Accessing two-factor

The below steps outline how to access the two-factor authentication settings in security.

Select the security subsystem
Select system settings in the drop-down
Expand the Defaults section in the navigation bar
Select "Two-Factor Authentication" from the menu

Note: The system settings screen under security houses all general settings that apply to many of the outputs throughout the Softrip application. This includes but is not limited to the market codes screen, brands screen, codes, city codes, required fields on the passenger page, and more.

Two-Factor Screen overview

Once users have accessed the Two-Factor Authentication screen, they will be able to turn on a global setting by selecting the check-boxes next to the user type.

Example

In order to force all internal users to set-up two factor authentication, select the check box under "Required - Internal" and then select "save." Once an internal users logs into their Softrip application for the first time, they will be forced to set-up the two factor authentication as laid out below.

With each corresponding user type is a drop down box labeled "method." The "method" is the avenue in which users will be using the third party authenticator.

If users select the check-box to require the two-factor authentication per user type, then they must also ensure the corresponding option under the method drop down is selected.

Setting up two factor

Once the appropriate settings are in place under the system settings in the security subsystems, users will need to log out and then log back into their Softrip application to see the changes.

From there, users will need to download and install one of three authenticator applications.

Microsoft Authenticator
- Supports Windows Phone, Android, and iOS
Google Authenticator
- Supports Android and iOS
Authy
- Supports Android, iOS, Windows, or Mac

Once the application of choice is downloaded and set-up, users will either need to scan the QR Code or enter the authenticator key provided.

Below is an example of a QR code and/or the key users will want to enter into the two factor authenticator application once it is downloaded.

Once the code is scanned or the key is entered, the two factor authenticator application will respond with a unique code. This code/token should be entered into the token field provided in the pop-up in your Softrip application. Once your token is entered into the field, select "enable."

Video

(Please note that this video displays the full process of how to set-up a global two-factor setting under the security sub-system as well as discusses how to enter your codes and token in your two-factor authenticator application. Not everyone within the organization will need or should access the system settings option under the security subsystem.) https://youtu.be/cITsVpSrlo8