In Castor, you can configure two-factor authentication (2FA) for your account.
This means that, upon login, you will have to enter an extra authentication code generated by an authentication app on your phone or tablet. This adds an extra layer of security to your Castor account - potential attackers will need not only your account details, but also your physical device with your authentication app to be able to access your account.
There are 2 possible scenarios:
- User not migrated to Castor Identity
- Migrated user to Castor Identity
Note: As part of our ongoing effort to make login easier across servers, all users will be migrated to the new Castor Identity in the following months. More on this here
User not migrated to Castor Identity
To enable 2FA, first make sure that an authentication app is installed and updated on your phone/tablet.
In Castor, go to:
- Account Settings, by clicking on the account icon in the bottom left corner and selecting Settings.
- Then, go to the tab Password & Security.
- Under the Two-factor authentication section, tick the box for Using two-factor authentication with this account.
- Then click the blue button below: Activate two-factor authentication.
Now follow the on-screen instructions, which will first ask you to open an authenticator app on your phone and then to scan the provided QR code. (You can also manually enter the provided key shown under the QR code.)
Once you have scanned the QR code or entered the key, a 6-digit code will appear in your authentication app. Enter this code into the field and click 'Configure'.
Once configured, Castor CDMS will appear in your Authentication app.
Every time you log into Castor, you will need to provide the 6-digit code generated in the Authentication app. The code refreshes periodically.
Two-factor authentication is account-based or study-based - some sites and organizations enforce additional authentication for their domains, and some studies require two-factor authentication from users.
The procedure for your own account is always the same.
If you would like to add enforced 2FA and/or 90-day password rotation for email domains linked to your site, please submit a request to Castor Support at support@castoredc.com.
Migrated user to Castor Identity
To enable 2FA, first make sure that an authentication app is installed and updated on your phone/tablet.
In Castor, go to:
- Account Settings, by clicking on the account icon in the bottom left corner and selecting Settings.
- Click on Go to My Account
- Go to the Authenticator app and select Configure
- Follow the steps to scan the QR code on your mobile device
Note: If the user was migrated, it is currently not possible to change the email address from within the My Account settings. Please contact Castor Support at support@castoredc.com.
Troubleshooting
When receiving a new device or in the event a device has been lost, it is necessary to move the Authenticator app to a new device or disable it completely.
Check the website of your Authentication app to see how you can move the app to your new device.
For example, for Google Authenticator, you can access Google's two-step verification web page and modify the settings there. You will first need to verify your new device within the Google Authenticator app.
More information can be found on the Google Account Help page: Using a new phone to receive 2-Step Verification codes
If you still have your old and your new device, you can change the 2FA setting in your account to 'No'.
Save your account settings. Regenerate the QR code by setting the 2FA back to 'Yes' and scan it with your new phone.
Note: If you encounter a problem with reactivating 2FA for your account, please contact us via the online form or via email at support@castoredc.com.