Written by If you have already read about it or you’re like me, who is already experiencing the 2FA being mandatory for Administrator role, you’d probably agree that it is annoying.
Having to access your phone or your notepad just to copy the code is already a daunting task to me with my busy life as a NetSuite Administrator. I don’t need an additional work like this!
However, it is inevitable. Banks and financial institutions have already started adopting it to make their client’s data more secure. Sooner or later, almost every cloud application we use would require it. So better be prepared by how it will massively impact your Administrator lives. Here are some facts I’d like to share with you:
You have to be extra careful of your phone and bring it with you at all times!
If phones used to be a distraction at work, now you gotta treat it as your work partner. You need your working phone to be accessible to you while working as it will most likely be the first thing you’ll pick up when NetSuite asks for that magic code.
Always save the backup codes, you know.. just in case.
In case you’re traveling where your phone cannot receive the SMS message for the code or God forbid, your phone gets lost or stolen, always save the backup codes provided to you. Through this way, you can still access your NetSuite account or reset your 2FA settings when, uhm, you know.. the latter happens.
You have an option to set the number of days of how long a code will be valid.
You can set the duration on how long each code will be valid by going to Setup > Users/Roles > Two-Factor Authentication Roles. It’s probably easy to make your call on this when you’re the sole decision maker on what to do you with your NetSuite account. However, when you’re working with a team, make sure that you will be on a consensus as it might be against your company policy.
Choose ‘authenticator app’ over SMS.
Yes, I really advocate (even NetSuite does) using an authenticator app versus SMS as your primary method of authentication. You might have experienced it already but SMS sometimes takes a while to arrive. In other apps I experienced receiving it after 5 minutes (OR NEVER!) which is so unacceptable so better install an app that you can simply open up anytime!
The 2FA being mandatory is not limited to Administrator or Full Access roles.
Yup. NetSuite is making 2FA mandatory to some other roles too, as long as that role contains the permissions listed in this page:
Permissions Requiring Two-Factor Authentication (2FA)
You can no longer authenticate with your username and password as an Administrator in your integrations.
That’s right. Moving forward, you can no longer use the powerful Administator role that you assigned just ’cause you wanted to grant all the permissions needed for your integration to work. You have to either use a less-privileged role if you’re authenticating through the standard login operation or adopt token-based authentication.
There’s no other way but to go 2FA
Love it or hate it, 2FA is the reality for us NetSuite professionals. Time will pass and it will just become a common thing and a part of our weekday reflexes. (Oh, don’t forget to set the duration. That lessened my irritation by 98%).