Important update 1: Email Support is being transitioned to Webforms. Click here for more information.
Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Enabling Email Security in the Mail Administration Console

            Two-factor authentication (2FA) and app-specific passwords add an extra layer of security for your webmail customers, helping to reduce the risk of hijacked email when a password alone is not enough. As a reseller, you enable these features for a brand in the Mail Administration Console (MAC). This article explains how to enable and disable 2FA, brand the 2FA window, and enable app-specific passwords.

            About two-factor authentication

            Two-factor authentication requires a user to provide both their username and password and an ever-changing code generated by an authenticator app, usually on their smartphone. This means a stolen password is not enough on its own to access the account.

            Step 1: Enable 2FA in the MAC

            1. Log in to the MAC.
            2. Click Brands in the left menu.
            3. Select the brand where you want to enable 2FA.
            4. Under Services & Settings, select Allow two-factor auth (2FA).
            5. Click Update at the bottom of the page. The feature is applied across the brand.

            Tip: To let users turn off 2FA themselves, also select Allow users to disable 2FA.

            Step 2: Brand the 2FA window (optional)

            If you have a custom webmail login page, you can apply your branding to the 2FA pop-up window.

            1. In the Email section of the Control Panel, on your company page, click the Brands tab.
            2. Click the brand you want to manage.
            3. Under Custom login page, click Edit.
            4. Use these CSS selectors as a starting point to style the 2FA pop-up window: #login-form .box-inner .modalheader and #login-form .box-inner .modal.
            5. Select Update to apply your changes.

            Step 3: Disable 2FA for a user

            If a user loses the device that holds their second factor, for example a lost phone or a reset authenticator, disable 2FA for that user so they can set it up again with a new token.

            1. Log in to the MAC.
            2. Select Users from the left menu.
            3. Select the user you want to reset.
            4. Under Password and Security, click Enabled beside Two-Factor Auth.
            5. In the confirmation prompt, select Disable.
            6. Notify the customer that 2FA is disabled so they can set it up again with a new token.

            About app-specific passwords

            App-specific passwords provide a separate, secure password for each app or device that receives email, such as the mail client on a phone. If a device is lost, the customer can delete that password without changing it everywhere else. App-specific passwords can be used alongside 2FA or on their own. Each email account supports up to four app-specific passwords.

            Step 4: Enable app-specific passwords in the MAC

            1. Log in to the MAC.
            2. Click Brands in the left menu.
            3. Select the brand where you want to enable app-specific passwords.
            4. Under Services & Settings, select Allow app-specific passwords.
            5. Click Update at the bottom of the page.

            Next steps

            Questions? Contact OpenSRS Support.

            How helpful was this article?

            Thanks for your feedback!

            Do you still need help? If so please submit a request here.