Gestione degli accessi al portale

Last updated
Save as PDF

Overview

The CGM PORTAL Login Management enables you to

display your personal details including your e-mail address, first and last name and your language.
change your preferred language for the Login Management platform.
change your password
activate a two-factor-authentication for an enhanced security
register trusted devices
set up recovery authentication codes

Access

The CGM PORTAL Login Management can be accessed as follows:

1. In the CGM PORTAL, at the top on the right side, click on the arrow button to open the profile drop-down menu.

2. Select option "Change Password".

Features

The CGM PORTAL Login Management provides the following features:

Section "Personal info"

Page "Personal info" displays your e-mail address, first and last name and your language. If this page is not displayed in your language, you can change it here and save.

Section "Platform access"

In section "Platform access", page "Authentication", you can

change your password (see also article Changing the Password)
activate a two-factor-authentication for an enhanced security
This security process requires you to provide two different forms of identification before accessing an account. This way, your account is even more protected against unauthorized access and potential data breaches.
display/remove trusted devices
set up recovery authentication codes
Recovery authentication codes are one-time use codes to allow you to regain access to your account in the event you lose access to your primary two-factor authentication method. These codes serve as a backup authentication method and should be securely stored in case they are needed for account recovery.

CustomerPortal_Profile_ChangePassword_PlatformAccess_Authentication.png

Activating Two-Factor-Authentication

To activate the two-factor-authentication, proceed as follows:

1. At the top on the right side, click on the arrow button to open the profile drop-down menu.

2. Select option "Change Password".

(Alternatively: option "My Profile" > tab "Personal & Organization Details" > section "Platform Access" > button "Change Password".)

This will open the CGM PORTAL Login Management platform.

3. On the CGM PORTAL Login Management platform, navigate to section "Platform access" > page "Authentication".

4. Click on "ACTIVATE TWO-FACTOR-AUTHENTICATION".

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_link.png

5. (If prompted, re-authenticate by entering your password.)

6. Open an Authenticator App (e.g., Google Authenticator), and scan the QR code with your device.

If you need guidance on how to install an Authenticator App, click on link "How to install Authenticator app" at the bottom.

In addition, you can click on link "Why 2FA". Here, we explain the importance of a Two-Factor-Authentication.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA.png

7. Enter the code from the Authenticator App and click on "VALIDATE CODE".

CGMPORTAL_Keycloak_PlatformAccess_Authentication_GoogleAuthenticator.png

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_code.png

8. Once the code has been validated, the setup for the 2FA is completed.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_devices.png

9. Log out by clicking on "Sign Out" in the upper right corner.

With the next login, you will be asked to re-enter a code from the Authenticator App. If you answer the prompt to trust the current device with "Yes", you will no longer be asked to enter the code from the Authenticator App.

Registering Trusted Devices

1. Once you have set up the Two-Factor-Authentication (2FA) and you log in to the portal again, you have to enter a current code from the authenticator app.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_TrustedDevice_code.png

2. Once the code has been entered, click on button "VALIDATE CODE".

3. The system then asks you if you want to trust your current device. If you answer the question with "YES", you can define a name for your current device in the displayed pop-up to easily identify it in the future.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_TrustedDevice_Prompt.png

4. Once you defined the name for your device, it is registered and listed on the Platform access page in section "Authentication".

Expiration Date: The expiration date is set to 90 days after registration.

CGMPORTAL_Keycloak_PlatformAccess_Authentication_2FA_TrustedDevices.png

Note: For new users/contacts in the system, the 2FA will be mandatory as of September 1st, 2024. In this case, the workflow differs slightly. The user will first have to set up 2FA. After logging in for the first time, the user can register the trusted device.

Removing the 2FA or Trusted Devices

You can remove the Two-Factor-Authentication or a trusted device by clicking the red button "REMOVE".

Registering multiple Trusted Devices

You can have multiple trusted devices with one Two-Factor-Authentication.

If you log on with a new device, the system will ask you if you want to trust this new device and you can add this new device by answering the question with "YES".

Activating Two-Factor-Authentication during Contact Registration process

If a new contact registers (e.g. via self-registration or with registration code) and confirms the email, the step to activate the Two-Factor-Authentication is displayed already during registration after confirming the Terms of Use.

Troubleshooting

Trusted Device changed/lost

If you have lost or changed your device, you can use the Recovery authentication codes to regain access.

Recovery Codes lost

If you have lost your list of recovery codes, contact your support to regain access.