Two-step verification

Available functionality depends on the system you are using. See Product comparison chart for more information.

Use the Two-step verification tab to enable and specify an additional login step on users of the Milestone Mobile app on their iOS, Windows Phone, or Android mobile devices or XProtect Web Client.

The first type is password and the second type, the verification code, you can configure to be sent via email to the user.

For more information, see Set up users for two-step verification.

The following tables describes the settings on this tab.

Provider settings > Email

Name	Description
SMTP server	Enter the IP address or host name of the simple mail transfer protocol (SMTP) server for two-step verification emails.
SMTP server port	Specify the port of the SMTP server for sending emails. Default port number is 25 without SSL and 465 with SSL.
Use SSL	Select this check box if your SMTP server supports SSL encryption.
User name	Specify the user name for logging into the SMTP server.
Password	Specify the password for logging into the SMTP server.
Use Secure Password Authentication (SPA)	Select this check box if your SMTP server supports SPA.
Sender's email address	Specify the email address for sending verification codes.
Email subject	Specify the subject title for the email. Example: Your two-step verification code.
Email text	Type the message you want to send. Example: Your code is {0}. If you forget to include the {0} variable, the code is added at the end of the text by default.

Verification code settings

Name	Description
Reconnection timeout (0-30 minutes)	Specify the period within which Mobile client users do not have to reverify their login in case of, for example, a disconnected network. Default period is 3 minutes. This setting is not valid for XProtect Web Client.
Code expires after (1-10 minutes)	Specify the period within which the user can use the received verification code. After this period, the code is invalid and the user has to request for a new code. Default period is 5 minutes.
Code entry attempts (1-10 attempts)	Specify the maximum number of code entry attempts, before the user will be blocked. Default number is 3.
Code length (4-6 characters)	Specify the number of characters for the code. Default length is 6.
Code composition	Specify the complexity of the code that you want the system to compose. You can select between: Latin uppercase (A-Z) Latin lowercase(a-z) Digits (0-9) Special characters (!@#...)

User settings

Name	Description
Users and groups	Lists the users and groups added to the XProtect system. If a group is configured in Active Directory, the Mobile server uses details, such as email addresses, from Active Directory. Windows groups do not support two-step verification.
Verification method	Select a verification setting for each user or group. You can select between: No login: the user cannot log in. No two-step verification: the user must enter user name and password. Email: the user must enter a verification code in addition to user name and password.
User details	Type the email address to which each user will receive codes.

Name

Description

Users and groups

Lists the users and groups added to the XProtect system.

If a group is configured in Active Directory, the Mobile server uses details, such as email addresses, from Active Directory.

Windows groups do not support two-step verification.

Verification method

Select a verification setting for each user or group. You can select between:

No login: the user cannot log in.
No two-step verification: the user must enter user name and password.
Email: the user must enter a verification code in addition to user name and password.

User details

Type the email address to which each user will receive codes.