Protect accounts with two-factor authentication
Overview
AGS Two-Factor Authentication (2FA) provides a second layer of security for user accounts on the AGS platform. In this guide, we will show you how to enable 2FA for players accessing your game or web portal, or for admin users accessing the Admin Portal.
Two-factor authentication (2FA) is not yet supported in AGS Shared Cloud.
Prerequisites
- Access to the Admin Portal to enable 2FA for you and other admin users accessing the Admin Portal.
- Set up AGS Player Portal if you want to provide your players the ability to enable 2FA for accessing your game or web portal.
Enable 2FA for admin users
AGS offers three different types of 2FA:
- Authenticator app: The user retrieves their real-time 2FA code from an authenticator app each time they log in.
- Backup code: A 2FA code is generated from our service and stored manually by the user. This is designed for users who don't have access to a mobile device.
- Email authentication: A 2FA code is generated and sent to the user's email each time they log in. An AGS full account with verified email address is required for this one.
You and other admin users can follow the steps below to enable each of them.
Enable the authenticator app method
In the Admin Portal, open the My Account menu on the top-right corner of the screen and click Password & Security.
On the Password & Security page, scroll down to Two-Factor Authentication and click Enable next to the Authenticator App method.
The Enable Authenticator App form will appear. Follow the instructions provided.
Once completed, click the Activate button. The Authenticator App method is now enabled.
Enable the backup code method
In the Admin Portal, open the My Account menu on the top-right corner of the screen and click Password & Security.
On the Password & Security page, scroll down to Two-Factor Authentication and click Enable next to the Backup Codes method.
The Backup Code method is now enabled. The Your Backup Codes window will appear with 10 backup codes for you to use. Click Download Code to save your backup codes. Click Generate New Codes to generate 10 new codes for use.
noteEach code can only be used once.
Enable the email authentication method
In the Admin Portal, open the My Account menu on the top-right corner of the screen and click Password & Security.
On the Password & Security page, scroll down to Two-Factor Authentication and click Enable next to the Email Authentication method.
The Enable Email Authentication form will appear, and a code will be sent to your registered email address. Enter the code into the Verification code text box.
When you're done, click Activate. The Email Authentication method is now enabled.
Set the default 2FA method
You can set a default 2FA method if you have enabled multiple authentication methods.
In the Admin Portal, open the My Account menu on the top-right corner of the screen and click Password & Security.
Under the Two-Factor Authentication section, set the default 2FA method by clicking the Make this my default Two-Factor authentication method box under your preferred method.
Enable 2FA for players
Your players can only enable 2FA for accessing your game or web portal if you set up the AGS Player Portal.
Once players enable 2FA for their accounts, this additional authentication step will be enabled for all your applications by default when players sign in, including your games.
You can turn on and off the 2FA flow for any application that you want on the IAM Clients page in the Admin Portal. Refer to the IAM Client Management Guide for more details.