Sign In to kaleyra.io Using Two Factor Authentication (2FA)

'Two-Factor Authentication' (2FA) is a security method that requires you to verify your identity using two different factors, your kaleyra.io password and a code sent to your device. This adds an extra layer of security to prevent unauthorized access.
The first factor of authentication is your username and password. The second factor is a One-Time-Password (OTP) sent to the user's registered phone number or registered email, depending on the account configuration. After the OTP verification is successful, the user is given access to the kaleyra.io application.

Key points about 2FA

The following are the key points about 2FA that are applicable to all types of kaleyra.io accounts.

  • For all the existing accounts and the accounts that are registered newly on kaleyra.io, the 2FA feature is enabled by default. When 2FA is enabled, all the user logins are required to be 'OTP' verified in addition to username and password authentication.
  • After a successful login with 2FA, a user can log out and log in again any number of times without the OTP verification for the next five (5) hours.
  • The account Owner can enable or disable the 2FA feature for the kaleyra.io account from the User Interface itself; if the 2FA feature is disabled, any user of the account can log in to the account with only username and password authentication.
  • The account Owner can select if the 2FA OTP is sent over SMS or over email. This configuration applies to all the users of the account. The default option at account creation is email.

Key points about the 2FA OTP

  • The 2FA OTP is valid for five (5) minutes.
  • The 2FA OTP code becomes invalid after the first successful sign-in to kaleyra.io.
  • An OTP can be triggered three (3) times; if it is re-triggered more than three times, the account is temporarily suspended.
    However, kaleyra's operations team can re-enable the account. If you get locked out of your account, please contact your kaleyra representative.
  • If you trigger the OTP thrice without a successful login and do not re-trigger another OTP for the next 24 hours, the re-trigger attempt count is reset to 0, and you again have three attempts to log in using the right OTP code.
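The OTP rules listed above can be modelled as a small state machine. This is an added example, not kaleyra's code: the names, the 6-digit code length, replacing the previous code on re-trigger, and resetting the counter on a successful login are assumptions, and the limit is read as three triggers in total.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

OTP_TTL = 5 * 60            # page: the OTP is valid for five minutes
MAX_TRIGGERS = 3            # page: an OTP can be triggered three times
TRIGGER_RESET = 24 * 3600   # page: 24 hours without a re-trigger resets the count

@dataclass
class OtpState:
    """Per-user OTP state (hypothetical model, not kaleyra's data structure)."""
    code: Optional[str] = None
    issued_at: float = 0.0
    triggers: int = 0
    last_trigger: float = 0.0
    suspended: bool = False

def trigger_otp(s: OtpState, now: float) -> Optional[str]:
    """Issue a new OTP; a trigger beyond the limit suspends the account."""
    if s.suspended:
        return None
    if s.triggers and now - s.last_trigger >= TRIGGER_RESET:
        s.triggers = 0                      # 24 h of quiet resets the count to 0
    if s.triggers >= MAX_TRIGGERS:
        s.suspended, s.code = True, None    # only the operations team re-enables
        return None
    s.triggers += 1
    s.last_trigger = s.issued_at = now
    # Assumptions: 6-digit code, and a new code replaces the previous one.
    s.code = f"{secrets.randbelow(10**6):06d}"
    return s.code

def verify_otp(s: OtpState, submitted: str, now: float) -> bool:
    """Accept a code once, and only inside its validity window."""
    if s.suspended or s.code is None:
        return False
    if now - s.issued_at > OTP_TTL:
        s.code = None                       # expired codes are discarded
        return False
    if not hmac.compare_digest(s.code.encode(), submitted.encode()):
        return False
    s.code, s.triggers = None, 0            # single use; count reset is an assumption
    return True
```
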

Mandatory and advanced security measures implemented using 2FA

In addition to the normal sign-in activity where 2FA is enabled, the following security measures are implemented using 2FA within kaleyra.io, regardless of whether the 2FA setting is enabled for the account.

Actions that must be validated with 2FA

  • A user changes the password.
  • A user resets the password using the "Forgot Password?" link.
  • The account Owner disables the 2FA feature from the kaleyra.io settings page.
  • A user attempts to log in after one week of inactivity in kaleyra.io.
  • A user login is attempted from a different IP address than the previous login.

As additional advanced security measures, the users are notified through email when any of the following activities are detected:

  • When concurrent logins are detected using your username and more than one session is active for an account, an email is sent for each new concurrent login with a 'multiple concurrent logins detected' message.
  • When a login is attempted by a given username after 30 days of inactivity, an email is sent to the user with an 'unusual activity is detected' message.
  • When a login is detected from a different IP address than the last login, an email is sent to the user with a 'New sign-in detected for your account' message.
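The login-time rules above (five-hour window, mandatory OTP triggers, notification emails) combine into one decision. The sketch below is an added example, not kaleyra's implementation; the field names are hypothetical, the IP addresses in any test input are constructed, and it assumes the mandatory triggers take precedence over the five-hour window, which the page does not state.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

HOUR, DAY = 3600, 86400
OTP_GRACE = 5 * HOUR         # page: no OTP for five hours after a 2FA login
INACTIVITY_OTP = 7 * DAY     # page: OTP required after one week of inactivity
INACTIVITY_MAIL = 30 * DAY   # page: email after 30 days of inactivity

@dataclass
class LoginHistory:
    """What the service remembers per user (hypothetical field names)."""
    last_login: Optional[float] = None    # time of the previous login
    last_ip: Optional[str] = None         # source IP of the previous login
    last_otp_ok: Optional[float] = None   # time of the last successful OTP check
    active_sessions: int = 0

def assess_login(h: LoginHistory, ip: str, now: float,
                 twofa_enabled: bool) -> Tuple[bool, List[str]]:
    """Return (otp_required, notification emails) for a password-verified login."""
    emails: List[str] = []
    new_ip = h.last_ip is not None and ip != h.last_ip
    idle = now - h.last_login if h.last_login is not None else 0.0
    if h.active_sessions >= 1:
        emails.append("multiple concurrent logins detected")
    if idle >= INACTIVITY_MAIL:
        emails.append("unusual activity is detected")
    if new_ip:
        emails.append("New sign-in detected for your account")
    # Mandatory triggers apply even when the account Owner has disabled 2FA.
    # Assumption: they also override the five-hour window.
    if new_ip or idle >= INACTIVITY_OTP:
        return True, emails
    if not twofa_enabled:
        return False, emails
    in_grace = h.last_otp_ok is not None and now - h.last_otp_ok < OTP_GRACE
    return (not in_grace), emails
```
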

Sign in to kaleyra.io using your login credentials

The following steps show how the 2FA feature is enabled when you try to log in to the kaleyra.io application using your login credentials.

  1. Enter the kaleyra URL in the browser (Kaleyra login).
    The kaleyra login page appears.
  2. From the Region dropdown list, select the applicable option:
    • Europe – Select if you are registering from European countries.
    • India – Select if you are registering from India.
    • Rest of the World – Select if you are registering from any country other than European countries or India.
  3. Enter your login credentials in the Email address and the Password fields.
  4. Click Login.
    The Two Factor Authentication page appears.
  5. Enter the OTP that is received on your email or mobile number.
  6. Click Verify.
    On successful OTP verification, you are logged in to kaleyra.io.

Sign in to kaleyra.io using your Google email account

The following steps show how the 2FA feature is enabled when you try to sign in using your Google email.

Note: The Continue with Google option can be used only if your registered username is a Google-powered business email, that is, your company uses Google Gmail as its corporate email service provider.

  1. Enter the kaleyra URL in the browser (Kaleyra login).
    The kaleyra login page appears.
  2. Click on Continue with Google.
    The Choose an account screen appears.

The Two Factor Authentication screen appears.

  3. Enter the OTP received on your registered email or mobile number.
  4. Click Verify.
    On successful OTP verification, you are logged in to Kaleyra.io.

Sign in using 2FA after setting a new password using the Forgot Password? link

The following steps show how the 2FA feature is enabled when you reset your password using the Forgot Password? link.

  1. Enter the Kaleyra URL in the browser (Kaleyra login).
    The Kaleyra login page appears.
  2. Click Forgot Password?
    The Recover Password screen appears.
  3. From the Region dropdown list, select the applicable option:
    • Europe – Select if you are registering from European countries.
    • India – Select if you are registering from India.
    • Rest of the World – Select if you are registering from any country other than European countries or India.
  4. Enter the Email address to which the Reset password should be sent.
    The following screen appears.

A change password link is sent to the specified email address. The sample email for resetting the password:

  5. Click the Reset Now link in the mail body.
    The Reset your password screen appears.
  6. Perform the following steps:
    • In the Password field, enter the new password.
    • In the Confirm Password field, enter the new password.

    Note: Your password must contain the following:

    • A minimum of 8 letters.
    • An uppercase and a lowercase letter.
    • A number and a special character.

  7. Click Save New Password.
    The Two Factor Authentication screen appears.
  8. Enter the OTP received on your registered email or mobile number.
  9. Click Verify.
    After successful verification, the Password Changed page appears.
  10. Click Return to Login.
  11. On the Login page, enter your Email and the newly set password to access kaleyra.io.

Change password using 2FA

The following steps show how the 2FA feature is enabled when you try to change your password within kaleyra.io.

  1. On the kaleyra menu, select the Directory option.
  2. Go to the User Profile section on the right side of the screen and select Change Password.

The Change Password screen is shown.

  3. Enter the relevant passwords in the Current password, New password, and the Confirm new password fields.
  4. Enter the OTP received on your registered mobile phone.
  5. Click Save Changes.
    The password is changed.

Disable 2FA

Only the account owner (administrator) can disable the 2FA feature for all the users of the account.

To disable 2FA for an account:

  1. Go to the user profile section and select the Settings option.
  2. Select the Security option under Settings.
  3. By default, the Two Factor Authentication toggle is enabled.
  4. Toggle the button to disable the Two Factor Authentication feature for all your account users.
    The Disable Two Factor Authentication window appears.
  5. Enter the OTP received on your registered mobile phone.
  6. Click Disable.
    The 2FA for the login is disabled for all the team members of the account.