SECURITY UPDATE OVERVIEW
Security is vitally important to us at Web Ninja, so from 20 October, 2020 we have initiated the process of switching to a 2-Factor authentication (2FA) log-in for your Web Ninja software.
We've sent out emails to your primary contacts we have on file both on the 20th of October, and on the 17th of November in an attempt to ensure you have plenty of time to make the transition before the Administrator general login is permanently disabled.
Combined with individual (rather than company wide) Web Ninja User login/password controls, your site security profile has been enhanced.
WHEN WAS THE CHANGE MADE PERMANENT?
From 1 Dec, 2020:
Current Admin User Name and Password will be replaced by an Individual User Access (First name, Last Name and email address). You can set up multiple users (up to 5) in your organisation (in the future we intend to separate User access by Roles so user access can be limited to specific menu options).
Once you've created at least one Admin user (per below) - the existing Administrator login for your site will be permanently disabled.
WHAT HAPPENS NEXT
Once you are setup as a user and have selected your password. That's when the 2 Factor Authentication kicks in. On login, a Secret Code will be emailed to the user and can be copied and pasted into the login screen. This access code lasts for up to 12 hours (essentially once a day).
We’ve made this change to make your data and the data of your customers more secure. 2FA adds an additional layer of protection over and above your password. By requiring the additional step, we are helping your firm guard against unauthorised access.
Please review this article For how to manage CMS users, update passwords, delete users, what to do if locked out etc:
CMS User Management
You can find more detailed information in the video below (less than 90 seconds) about how the 2FA feature works:
PLEASE NOTE: the 2FA code is valid as long as you don't disconnect from the Internet and don't change locations during your day.
For more info about what may affect the 2FA code (eg if you end-up having to enter it multiple times in a day) please review the FAQ's (below).
Please refer to our 2 Factor Authentication (2FA) FAQs guide