There are two extra security settings which can restrict who can and who cannot access your FoodStorm application. The settings can only be updated by the Account Owner.
Currently these features only apply to the Admin system (so they are not applicable for the Shopping cart/Public system).
IP Address restriction
This feature will only allow the FoodStorm application to be accessed from a list of specified IP Addresses.
Note: It is important that if you use this feature, that you have static IP Address for your work environment. If your Internet Service Provider changes your IP address, then you may find that no one will be able to log in.
To create the list,
- Log in to FoodStorm as Account Owner and select Account from the settings cogwheel
- Expand Security Settings and click Edit
- Add in the specific IP address(es) that you wish to include, separating each address by a comma. A list of 3 IP addresses looks something like this:
220.127.116.11, 18.104.22.168, 212.131.323.166
Note that you must include your current IP address in the list, or you will be unable to log in to FoodStorm.
- Click Save.
Now your valid users will only be able to log in if their IP Address is in the specified list (unless they are set up for 2 factor authentication - see below for details)
2 Factor Authentication
If you wish to use this feature, then you should ensure that each user has a mobile phone number specified in the Contacts/Employees Mobile Phone field.
When the setting is 'Yes' , then when you login with your valid username and password, the IP Address list will be checked to see if your IP Address is allowed. If so, then you will be logged in as normal.
If the IP Address is not in the specified list, then a text message containing a random 6 digit number will be sent to the mobile phone number of the specified user. and the user will be prompted to enter the number on the login sequence. The number will only be valid for 15 minutes. If the number is entered correctly then the login will be successful.