My Settings

The My Settings page can be accessed by clicking your username in the upper right and clicking My Settings. This page allows you to change a few preferences for the current user account.

If Record all login attempts is enabled on the System Defaults page, you may have a "last login attempt" link at the top of this screen that will display your account's login history.

---

Summary of Available Settings

Depending on how the instance of Issuetrak is configured to show this area, the available settings will either be:

• Security Settings
  • Manage Multi-factor Authentication: Allows the user to configure MFA for their account.
  • Close My Sessions: Ends all user sessions for this account in the site. Forces this account to the login screen to re-authenticate.
• Time Zone setting

OR

• Time Zone (and handling of Daylight Saving Time)
• Default Home Page
• Redirect To: This determines what page Issuetrak will load after submitting an issue.
• Default Dashboard Class filter: Determines which class of issues will be displayed on the Dashboard by default.
• Dashboard Reload: Determines how often the dashboard will automatically reload.
• Personal contact information
• Security Settings
  • Manage Multi-factor Authentication: Allows the user to configure MFA for their account.
  • Close My Sessions: Ends all user sessions for this account in the site. Forces this account to the login screen to re-authenticate.

Once your preferences have been selected and any modifications entered, click Update to save these settings. A confirmation message will appear when this process is complete.

---

 

Configuring Multi-factor Authentication

Issuetrak natively supports multi-factor authentication (MFA) for users that use Issuetrak authentication.

There are two supported methods of MFA. Only one method can be selected for each user:

• Time-based One-Time Passcode (TOTP) - An app such as Google Authenticator or Authy generates a 6-digit passcode that the user must enter in addition to their issuetrak credentials.
   
• Email-based one-time passcode - Upon entering their credentials, they will be emailed a one-time passcode that must additionally be entered to access Issuetrak. This requires that you have a valid email address and that Issuetrak has Outgoing Email configured and functional.

---

Time-Based One-Time Passcode (TOTP)

One of the available MFA options is to configure a mobile device to provide a new six-digit one-time passcode every 30 seconds, which users will enter on a screen following the usual Issuetrak login prompt.

Steps:

1. Sign into Issuetrak.
2. Click your user icon in the top-right corner, then click My Settings.
3. Under the Security header, click on Manage Multi-Factor Authentication.
4. In the pop-up that appears, under the Authenticator header click on Configure. Note that if Email one-time passcode is already configured, you'll receive a pop-up asking for you to confirm that you are invalidating that MFA method for this user account.
5. Open your chosen MFA app on your mobile device (Google Authenticator, Authy, etc) and scan the QR code that appears on your screen.
6. Enter the 6-digit passcode from the app the screen underneath the Verify header, then click on Pair Device.
7. The site will pause for a moment and then display your Backup Codes. Each backup code can be used once to bypass the MFA prompt. Keep these in a safe place.
8. (Optional) Test the functionality: Authenticate to Issuetrak as you normally would. Once you've entered your credentials, click Sign In. Once they enter their credentials and click Sign In. Another screen will appear and you will be prompted to enter the one-time passcode from your app. After successfully entering that passcode, you should be presented with your Issuetrak home screen.

---

Email One-Time Passcode (OTP)

The other available MFA option is to have your Issuetrak instance generate and email you a one-time passcode when you correctly enter their Issuetrak credentials at the site's login prompt. After successfully entering your Issuetrak credentials, you will be presented with an MFA screen prompting you to enter the code you were emailed to complete the login process. This process will re-occur every time you sign into Issuetrak.

It is only possible to use email OTP if Outgoing Email is properly configured in your site, and you must have a valid email address associated with your user account.

Steps:

1. Sign into Issuetrak.
2. Click your user icon in the top-right corner, then click My Settings.
3. Under the Security header, click on Manage Multi-Factor Authentication.
4. In the pop-up that appears, under the Email header click on Configure. Note that if an Authenticator App one-time passcode is already configured, you'll receive a pop-up asking for you to confirm that you are invalidating that MFA method for this user account.
5. Check your email and enter the passcode, then click Verify.
6. If successful, the account is now configured to email you a new passcode each time you successfully authenticate to Issuetrak.
7. (Optional) Test the functionality: Authenticate to Issuetrak as you normally would. Once you've entered your credentials, click Sign In. Another screen will appear and you will be prompted to enter the one-time passcode from your email. After successfully entering that passcode, you should be presented with your Issuetrak home screen.

---

 

Close My Sessions

You can click on the Close My Sessions button to end all sessions involving your user account with this Issuetrak site. This effectively kicks anyone out of Issuetrak that is signed into your account, and forces them to re-authenticate. This can be useful if you believe someone else might be signed in with your credentials. Note: Using MFA makes this scenario less likely to happen!