Support & Training
Websites    >    Knowledgebase    >    Site Administration    >    Clubhouse Online Security    >    Two Factor Authentication

Two Factor Authentication

Two Factor Authentication (2FA) within ClubHouse Online will require a user to enter a passcode in addition to successfully authenticating to the club’s site with their username and password.

The following information can be found on this page.

How to make changes to the Two Factor Authentication setup
How a User Authenticates with Two Factor Logins Enabled
How to Opt Out 
Mobile App Continuous Login vs Interval Between Two Factor Logins

 


How to make changes to the Two Factor Authentication setup

  1. Log in to the club's ClubHouse Online website with an Administrator user account and access Club Central.
  2. From within Club Central, click Planet icon (Open Application List) at the top left.
  3. Select Modules > Company Management from the Applications list. 
  4. Select Login Configuration from the left navigation. 
  5. Scroll down to the Two Factor Authentication section

Two Factor Authentication Section

Enable Two Factor Authentication

  • Checked: Users will be prompted for a passcode after they enter their username and password to successfully login to the website. (Recommended).
    • Select the checkbox beside the user types that Two Factor Authentication should be applied.
      • Member Users: Users that are set up with the Member User Type.
      • Admin Users: Users that are set up with the Administrator User Type.
      • Non-Member Users: Users that are set up with the Employee or Public User Type.
  • Unchecked: Users will only have to type in their username and password to login to the website.

Interval Between Two Factor Logins

Enter a number to measure the number days between Two Factor logins.

Ex. If the interval is set to 5 (days), after a user completes their initial Two Factor Authentication, they will be prompted to complete the process again 5 days from that date.

Allow User Opt Out

If a club would like to give users the option to opt-out from Two Factor Authentication, this can be enabled within the Two-Factor Authentication settings.

  • Checked: If the club has the Roster module, users will be able to opt out of two factor authentication on their own using the Edit Profile section on the website. 
  • Unchecked: Users will have to contact the club for administrators to assist with opting out of two factor authentication.


How a User Authenticates with Two Factor Authentication Enable

With Two Factor Authentication enabled, going forward there are two scenarios when they will be prompted for the passcode, during the login process and when they forget / change their password.

Login process

When a club's site is configured to use Two Factor Authentication, in addition to entering their username and password, a user will be advised to check their email to obtain a passcode to successfully login.

  1. Go to clubs ClubHouse Online website login page
  2. Enter username and password
  3. Click Login
  4. The following message will be displayed on screen with a field to enter a passcode. "An email has been sent to the email address associated with your user account. Within it you will find a code which needs to be entered into the field below in order to successfully login." 
  5. User should check their inbox / junk box for the email that is associated with the user account to get the verification code.
    • The code provided will expire in 5 minutes.
  6. Type in the Passcode.
  7. Click Login button.
    • If the incorrect passcode was entered or it has expired, Invalid passcode. Please try again. will be displayed. 
    • Click Resend button and a new passcode will be emailed.

Forgot / Change Password

When a user attempts to change their password, they will also be required to enter a passcode as part of the two factor authentication process. The buttons will be displayed as verify passcode and resend passcode. 

  1. Go to clubs ClubHouse Online website login page
  2. Click Forgot password
  3. Enter email address or username (depending on club's setup)
  4. Click Send Password Reset
  5. The following message will be displayed "If the specified username/email is associated with an account, you will receive an email with password reset instructions."
  6. User should check their inbox / junk box for the email that is associated with the user account to access instructions.
    • There will be a link to click on to proceed in changing the password. The link can only be used once.
  7. Click on link within email.
  8. The following message will be displayed on screen with a field to enter a passcode. "An email has been sent to the email address associated with your user account. Within it you will find a code which needs to be entered into the field below in order to change your password." 
  9. User should check their inbox / junk box for the email that is associated with the user account to get the verification code.
    • The code provided will expire in 5 minutes.
  10. Type in the Passcode.
  11. Click Login button.
    • If the incorrect passcode was entered or it has expired, Invalid passcode. Please try again. will be displayed. 
    • Click Resend Passcode button and a new passcode will be emailed.


How to Opt-Out

There are two methods in which a user account can be opted out from Two-Factor Authentication, Member completes the opt-out or an Administrator.

Member Opt-Out

A member will be provided the option to opt out / in during the following scenarios:

First Login after two factor authentication is enabled

The user will follow the two factor authentication process and then asked if they wish to continue or opt out of the process going forward. This prompt will only appear the first time they login after two factor authentication has been enabled for the user.

  1. Enter username and password.
  2. Click Login.
  3. Check email and get verification code.
  4. Type in Passcode.
  5. Click Login button.
  6. Opt Out or Continue Screen.

From member Roster > Edit My Profile

A member can modify their choice at anytime by editing their Roster profile. This option will be located at the bottom of their profile in the Settings section. 

  1. Member logs in to ClubHouse Online website. 
  2. Click their name in top right.
  3. Select Edit My Profile
  4. Scroll down to the bottom to find the Settings section. 
  5. Enable Two Factor Authentication - uncheck the box.
  6. Click Save.

Administrator Opt-Out

An Administrator has the option to Opt-Out a member by completing the following steps:

  1. From within Club Central, click Planet icon (Open Application List) at the top left.
  2. Select User Management > Users from the Applications list.
  3. User: Contains - keep the drop-down as Contains, in the box to the right, enter search criteria to find user.
    • Search can be done by: User name, Full Name, Email Address or Member Number.
  4. Click Search.
  5. Click pencil icon to the left of the username.   
  6. Under the Restrictions section of the user profile, uncheck the box for Two Factor Authentication Enabled:  
  7. Click Save at the top.


How Mobile App Continuous Login setting affects Interval Between Two Factor Logins

Within the Login Configuration there is a Mobile App Login Configuration section. This is applicable for clubs that have the mobile app. 
If the Mobile App Login Configuration has the Allow Continuous Login option enabled with a specific number of days set for the duration and Two Factor Authentication is enabled with a set number of days for the Interval between Two Factor Logins options, the parameter that has the lower value will be enforced for both parameters.

Mobile App Login Configuration section

Allow Continuous Login

  • Checked: Members will remain logged in the app until they logout manually, their password changes, their user account is removed or the number of days specified has lapsed. 
  • Unchecked: Members will not remain logged in on the app. 

Duration of Credentials Stored in App (in Days):

  • If Allow Continuous Login is enabled, enter number of days for credentials to be stored.
Example of what will happen when the following is setup
  • Two Factor Authentication - Interval Between Two Factor Logins = 5
  • Mobile App Login Configuration - Allow Continuous Login is checked and Duration of Credentials Stored in App (in Days) = 10
Result:
  1. Users will have to complete Two Factor Authentication every 5 days.
  2. Users logging into the Mobile App will need to login every 5 days, instead of the 10 that is configured. Mobile app users will follow the lower parameter set in Interval Between Two Factor Logins, which is 5 days.

Related Articles

Refine Your Search

Can't Find Your Solution?

Contact Us