Overview
Neon One products (except Neon CCM) require Multi-Factor Authentication (MFA) for additional security. MFA (commonly referred to as Two-Step Verification) is a widely-used security convention that can dramatically increase the security of constituent and operational data. This convention uses multiple methods of identity validation to confirm that users logging into our products are who they say they are. When an individual logs in with a username and password, that is considered one "factor" of verification. The second verification method, either mobile authenticator app or SMS texting, serves as the second factor.
Whenever you log in from a new or untrusted device (and, for security reasons, occasionally on trusted devices), you will need to pass an MFA check.
Table of Contents
Available Authentication Methods
Neon One offers two authentication methods: mobile authenticator and SMS Texting.
Mobile Authenticator (Recommended)
Neon One highly recommends using a mobile authenticator as your authentication method. Mobile authenticators are more secure than text messages, and they often require a password or face ID to access the codes, providing another layer of security for your data.
Authentication apps work by presenting unique codes that refresh on a regular interval. You must enter the correct code before it expires to pass the MFA challenge. Additionally, MFA apps do not require internet connections nor cell service, making them a highly convenient authentication method.
Mobile authenticator apps are available in the App Store and Google Play. Three common apps that are supported by Neon One include Google Authenticator, Microsoft Authenticator, and Authy.
When you login to Neon One and are prompted to enter a code, open the app to find the current code and enter it in the Neon Portal window. Codes refresh at regular intervals, so you will need to open the app each time you are prompted to enter a code.
Text Message
For users unable to use a mobile authenticator, we also offer SMS Texting as an authentication method. We do not recommend using this method unless you are unable to use an app. It is possible to use an authenticator app without a mobile phone; see the FAQ below for help.
With this method, you will receive a code via text message when asked for an authentication code upon login to Neon One.
Only phone numbers with country codes +1, +52, and +86 can use this authentication method.
Authentication Setup for New Users
When users are added to Neon Portal, they will receive emails to setup their username and password. After completing those steps, they will be able to login to Neon One. Once a user logs into any Neon One application (except Neon CCM, which does not use the same login process as other apps), they will be redirected to the 2-Step Verification setup in Neon Portal. Users will not be able to access any part of Neon One until they compete the 2-Step Verification setup.
If you choose mobile authenticator as your MFA method, you will be shown a QR code to scan with your mobile device. If you are unable to scan the QR code, there will be a code below the QR code that you can type into the app instead. After scanning or inputting one of these into your app, enter the code on your app's screen into the box to complete your setup.
Once you enter the code and continue, your mobile authenticator setup will be complete. Next time you login, open your authenticator app to obtain the code you need to login.
If you choose text message as your MFA method, you will be asked to enter a phone number. The only country codes Neon One accepts are +1, +52, and +86. After entering your phone number, you should receive a code via text. Input the code to complete your setup.
Backup Codes
After setting up either authentication method, you will be presented with backup codes. Backup codes serve as a way to access your account if you lose access to your authentication method. You should save these codes in a secure location. If at any point you lose your backup codes, you can generate new ones by navigating to the 2-Step Verification page. Each backup code is only good for one use.
Changing Your Authentication Method
Users can modify their own MFA setup in Neon Portal. After logging into Neon Portal, navigate to the 2-Step Verification page.
On this page, you can switch your MFA method by clicking the Update button. This will allow you to restart the setup process. If you were using Text Message authentication, this will allow you to either change your phone number or switch to a mobile authenticator app.
FAQ
Can my administrator reset my MFA method?
No. If you are unable to access Neon One and need your MFA reset, you must reach out to your application Support Team for assistance. If, however, you are able to access Neon Portal, you can change your own MFA method by following the steps above. If you need to change your phone number for SMS authentication, follow those steps to do so.
How to Set Up Google Authenticator on a Web Browser?
Please see the information provided here.
I don't have a mobile device. What are my options?
You can leverage a Chrome browser to access https://authenticator.cc/ and add the extension in Chrome. This will allow you to use the mobile authenticator method.
Does Neon One offer email as an authentication method?
No. Neon One's 2-Step Verification only offers mobile authenticators or SMS texting. The reason for this is because your email account is your first factor of authentication. Offering email codes does not then suffice as a second factor. Should your email account be compromised, an email-based verification code does not provide any additional security.
What do I do if I receive a backup code via text message but I am not attempting to login?
If you are texted a backup code while not trying to login to Neon One, your username and password may be compromised. You should reset your password. We highly recommend that your password is different for your email and your Neon One login.
2-Step Verification is inconvenient for my system users. Can I turn it off?
Starting January 11, 2025, 2-Step Verification is a requirement for all Neon One users. This change is due to a regulatory requirement coming into effect for PCI (Payments Card Industry) compliance. We are unable to offer any exceptions.
What if I share my login credentials with another person? How will we pass the MFA challenge?
Users are instructed not to share login credentials with anyone. Each user accessing the Neon One system needs their own username and password, as well as their own MFA method.