NetSuite Two-Factor Authentication: Support User Accounts
NetSuite continues to enforce a Two-Factor Authentication (2FA) to enhance security for ALL NetSuite clients at customer login. All Administrator roles, Full Access roles, and highly privileged roles have been affected and companies have needed to update their credentials to provide a second method of authentication when logging in.
Protelo’s expert NetSuite team has come up with a few ways to set up a second authentication factor, speed up the process with an application and seamlessly allow you to log in to roles.
Get NetSuite Services Today
NetSuite 2FA Prerequisite – Google Authenticator
What is Google Authenticator?
Google Authenticator is one of the most popular authenticator applications on the market that works with NetSuite to verify user identities before granting access to websites and services, based on the 2FA process. This application is available on all smartphones and scans barcodes on websites to create a 2FA code as the second level of protection during the log in process. A huge bonus to using Google Authenticator is how it consolidates all of the 2FA codes in one location and keeps them available at all times.
Install Google Authenticator
Google Authenticator is available on your iOS and Andriod device. Click here to install.
Two-Factor Authentication Setup for an Email/Role Combination
Accessing Role that requires 2FA, where 2FA is not setup
This page is automatically displayed in NetSuite after you log in if your user account is assigned to a role that is “forced”, or the role you select is configured, to be using Two-Factor Authentication – and its 2FA has not yet been configured. You will receive a verification code by email. You will need this code to log in and start the process of 2FA setup. Retrieve the code from your email, enter it, then press Submit.
Step 1 – Initial Security Setup for an Email/Role Combination
Select Authenticator App
After providing your email verification code, you will be presented this page to complete the Two-Factor Authentication setup. Select “Authenticator App”, then press Next.
Step 2 – Scan QR Code in Your Google Authenticator App
You will be presented a page containing instruction and a QR code.
Open your Google Authenticator app on your device. If this is the first time you are entering a code, press Begin Setup and then press Scan Barcode (to scan the QR barcode, or press Manual Entry (to enter email address and key).
If you already have other codes in your App, press the plus (+) sign to add a new.
After a successful scan or entry, a new entry will appear in the list, showing a 6-digit verification code. You have successfully added this email/role to your app.
Now enter the 6-digit verification code and press Next on the NetSuite Security Setup page.
Please note: Codes are timed, the app will start showing the code in blinking red when it is about to time out. If it times out, no worries, it will give you a new code. Use the new code instead.
Step 3 – Authenticator App Setup completed
Press Next to setup SMS or Phone Call.
Step 4 – Setup SMS Verification
In this step, enter the phone number that will be used to receive SMS (text) messages or phone calls with your verification code. Select either SMS or Voice call from the options in Step 2 and press Send code.
You will receive either a text message or a phone call with the verification code.
Now enter the 6-digit verification code and press Next on the NetSuite Security Setup page.
Please note: The code will expire in 60 seconds. If your code expires, press Send code again and use the new code instead.
Step 5 – Save Backup Codes
The final page provides a list of Backup Codes for use when 2FA is not accessible.
Please print or screenshot this page for your reference in cases when your two preferred methods are unavailable.
NetSuite Login Using 2FA
Upon log in, you will be presented this page:
It will default to use the Authentication App. Open your Google Authenticator App and find the email address you are logging in as, and enter the code displayed for this email address.
If you use SMS Message, the SMS will be sent to the number you input in the previous steps.
You may also use one of the Backup Codes.
Note: Each backup code can only be used ONCE, so this should only be used as an absolute last resort.
How To Reset Two-Factor Authentication
Two-factor authentication can be reset for any user with the Administrator, Full Access or System Administrator roles.
If there is only one user with access to these roles, and two-factor authentication is no longer an option, NetSuite support must be contacted to do the reset for the account.
Testing for 2FA Compatibility
NetSuite will have several test windows that will enforce mandatory 2FA for integrations that use highly privileged roles and user credentials for authentication for access. The test windows will help you to determine whether your integrations are ready for the end of the exemption for mandatory 2FA. Integrations that use highly privileged roles and are still employing user credentials for API authentication will fail during the test window.
Written by: Tom Armbruster – Senior Application Consultant
Expert Consultants Here For Your Business
Need assistance with 2FA setup? Have questions about your NetSuite account?
Our NetSuite consultants at Protelo can help ensure your NetSuite instance is aligned with the latest 2020 2FA tools and be a valued resource for your team.
Whether you are looking for a one-stop-shop for all things NetSuite, or simply need answers to your questions, our NetSuite experts are here to make your business better.
Contact Our Expert NetSuite Team Today
READ MORE
- NetSuite Tips for Administrators
- NetSuite Efficiency in 2024: Key Projects to Consider
- NetSuite Implementation: Direct or Partner
- How to create, edit, and manage custom KPIs
- NetSuite Services List
- Why Protelo?
Follow us on Social for NetSuite tips, tricks and ERP fun:
YouTube, LinkedIn, Twitter, Pinterest, Instagram, and Facebook
