Skip to main content
CGM Knowledge Base

Portal Login Management

  1. Last updated
  2. Save as PDF

Overview

The CGM PORTAL Login Management enables you to

  • display your personal details including your e-mail address, first and last name and your language.
  • change your preferred language for the Login Management platform.
  • change your password
  • activate a two-factor-authentication for an enhanced security
  • register trusted devices
  • set up recovery authentication codes

Access

The CGM PORTAL Login Management can be accessed as follows:

1. In the CGM PORTAL, at the top on the right side, click on the arrow button to open the profile drop-down menu.

2. Select option "Change Password".

CustomerPortal_Profile_ChangePassword_EN_New.png

Features

The CGM PORTAL Login Management provides the following features:

Section "Personal info"

Page "Personal info" displays your e-mail address, first and last name and your language. If this page is not displayed in your language, you can change it here and save.

CustomerPortal_Profile_ChangePassword_PersonalInfo_EN_new.png

On the "Authentication" page, you can

  • change your password (see also article Changing the Password).
  • activate a two-factor-authentication for an enhanced security.
    This security process requires you to provide two different forms of identification before accessing an account. This way, your account is even more protected against unauthorized access and potential data breaches.
  • display/remove trusted devices.
  • set up recovery authentication codes.
    Recovery authentication codes are one-time use codes to allow you to regain access to your account in the event you lose access to your primary two-factor authentication method. These codes serve as a backup authentication method and should be securely stored in case they are needed for account recovery.

CustomerPortal_Profile_ChangePassword_PlatformAccess_Authentication_EN_New.png

Multi-Factor Authentication

You have two options to identify yourself when logging on to the CGM PORTAL.

  • Verification via Email Code
    This is the minimum security standard for MFA that will be activated automatically provided no other MFA option has been activated.
    For higher security, we recommend using the verification via Authenticator App.
  • Verification via Authenticator App
    This option provides a higher security and we recommend to use this verification option.

Email Code Verification

This is the minimum security standard for MFA that will be activated automatically provided no other MFA option has been activated. 

When logging on to the CGM PORTAL using your credentials, the system will ask you to enter the 6-digit verfication code. This code is sent to your email address.

emailCode_Authentication_Code_New.png

Once entered, the user needs to select whether the system should trust the current device or not. See also section "Registering Trusted Devices" below.

 

New Registration: When registering new users, they can choose between the email code verification or the existing app-based MFA method.

emailCode_Authentication.png

 

Switching Verification Method: Existing users which have the app-based MFA method activated can change the verification method to email code.
For this, the app-based MFA method needs to be removed. 

1. At the top on the right side, click on the arrow button to open the profile drop-down menu.

2. Select option "Change Password".

CustomerPortal_Profile_ChangePassword_EN_New.png

(Alternatively: option "My Profile" > tab "Personal & Organization Details" > section "Platform Access" > button "Change Password".)

This will open the CGM PORTAL Login Management platform.

 

3. On the CGM PORTAL Login Management platform, navigate to the "Authentication" page.

4. Click on the "Delete" button to remove the app-based authentication. The new email code verification method will then be automatically activated.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_devices_EN_New.png

 

Activating App-Based Multi-Factor Authentication

To activate the two-factor-authentication, proceed as follows:

1. At the top on the right side, click on the arrow button to open the profile drop-down menu.

2. Select option "Change Password".

CustomerPortal_Profile_ChangePassword_EN_New.png

(Alternatively: option "My Profile" > tab "Personal & Organization Details" > section "Platform Access" > button "Change Password".)

This will open the CGM PORTAL Login Management platform.

 

3. On the CGM PORTAL Login Management platform, navigate to the "Authentication" page.

4. Click on "Activate Authenticator App (TOTP)".

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_link_EN_New.png

5. If prompted, re-authenticate by entering your password.

 

6. Open an Authenticator App (e.g., Google Authenticator), and scan the QR code with your device.

If you need guidance on how to install an Authenticator App, click on link "How to install Authenticator app" at the bottom.

In addition, you can click on link "Why 2FA". Here, we explain the importance of a Two-Factor-Authentication.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_EN_New.png

7. Enter the code from the Authenticator App and click on "Validate Code".

CGMPORTAL_Keycloak_PlatformAccess_Authentication_GoogleAuthenticator.png

 

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_code_EN_New.png

8. Once the code has been validated, the setup for the 2FA is completed.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_devices_EN_New.png
 

9. Log out by clicking on "Sign Out" in the upper right corner.

With the next login, you will be asked to re-enter a code from the Authenticator App. If you answer the prompt to trust the current device with "Yes", you will no longer be asked to enter the code from the Authenticator App.

Registering Trusted Devices

1. Once you have set up the Two-Factor-Authentication (2FA) and you log in to the portal again, you have to enter a current code from the authenticator app.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_TrustedDevice_code_EN_New.png

2. Once the code has been entered, click on button "Validate code".

3. The system then asks you if you want to trust your current device. If you answer the question with "Yes", you can define a name for your current device in the displayed pop-up to easily identify it in the future.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_TrustedDevice_Prompt_EN_New.png

4. Once you defined the name for your device, it is registered and listed on the "Authentication" page.

Expiration Date: The expiration date is set to 90 days after registration.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_TrustedDevices_EN_New.png

Note: For new users/contacts in the system, the 2FA is mandatory since September 1st, 2024. The user will first have to set up 2FA. After logging in for the first time, the user can register the trusted device.

 

Removing the 2FA or Trusted Devices

You can remove the Two-Factor-Authentication or a trusted device by clicking the red button "Delete".

 

Registering multiple Trusted Devices

You can have multiple trusted devices with one Two-Factor-Authentication.

If you log on with a new device, the system will ask you if you want to trust this new device and you can add this new device by answering the question with "Yes".

 

Activating Two-Factor-Authentication during Contact Registration process

If a new contact registers (e.g. via self-registration or with registration code) and confirms the email, the step to activate the Two-Factor-Authentication is displayed already during registration after confirming the Terms of Use.

 

Troubleshooting

 

Trusted Device changed/lost

If you have lost or changed your device, you can use the Recovery authentication codes to regain access.

 

Recovery Codes lost

If you have lost your list of recovery codes, contact your support to regain access.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    How-to
    Language
    English
  2. Tags
    1. CGM PORTAL
    2. Profile