NetSuite Ending Support for 2FA Security Functionality

In March 2023, Oracle NetSuite announced that users who are setting up or resetting their NetSuite 2FA (two-factor authentication) configurations need to download and use an authenticator app to generate verification codes. Getting codes by SMS is no longer available for users who are setting up 2FA for the first time, or for existing users who modify their 2FA settings. Users can also log in with the one-time backup codes provided during the 2FA setup. Now another change is coming. As of March 1, 2024, NetSuite is ending support for 2FA by SMS or voice call.

Two-factor authentication is an important security measure that adds a level of protection to a traditional username and password login. NetSuite configuration allows for 2FA to protect your company from unauthorized access to data and other risks associated with compromised passwords.

As NetSuite rolls out its 2024.1 Release, it will be making changes to its authentication process. Currently, NetSuite users can receive a call or text to validate their credentials and complete their login. However, as of March 1, 2024, NetSuite will no longer support this. In this article, we will go through the NetSuite authenticator app options going forward, and how they can be configured.

If the role is configured for 2FA security, NetSuite will require authentication through an app. NetSuite suggests one of the following four authenticator apps: Oracle Mobile Authenticator, Google Authenticator, Microsoft Authenticator, and OKTA Verify.

To get started, download one of these authenticator applications onto your mobile device.

Next, log in to your NetSuite instance and locate the settings portlet on the home dashboard. There should be a “Reset 2FA Settings” link located within the portlet. On the Reset 2FA Settings page, enter your NetSuite password. Click Send Code to receive a code and enter it in the Verification or Backup Code box. Then, click Reset. You can log out of NetSuite and log back into a 2FA-required role to continue setting up your 2FA application.

Upon this login, you will automatically be shown the Security setup page. Once you confirm the installation of one of the authenticator apps (Oracle Mobile Authenticator, Google Authenticator, Microsoft Authenticator, or OKTA Verify), click Next. Using the app on your phone, scan the QR code displayed on your screen or manually enter the characters shown next to the code. The authenticator app will generate a verification code, which you will then enter into NetSuite. Once this is complete, click Next.

NetSuite will then provide ten backup codes. These can be used to log into a 2FA-required role when you are unable to use the authenticator app to receive a verification code. Make a note of these codes or print them for safekeeping. If you lose these backup codes, you can generate new ones. Click Next to complete the setup of your two-factor authentication.

If you lose your device, buy a new one, change your phone number, or change your authenticator app, you must go through the above process again, starting with resetting your 2FA settings.

It is vital to understand the value of two-factor authentication for cloud-ERP systems like NetSuite. We are here to help enhance your business security now and in the future.

Contact Us

To learn more about this announcement and future updates, reach out to Withum’s NetSuite Consulting Services Team.