Starting March 1, 2023, Netsuite current 2FA functionality of SMS and Phone Calls will no longer be available. This means you will no longer receive the 2FA code on text messages or phone calls. Here's what you need to know about the 2FA updates.
To determine which roles are currently using or have 2FA enabled you will go to Setup > Users/Roles > Two-Factor Authentication Roles. This page will show you your lists of roles available in Netsuite, along with which roles are currently setup to use 2FA upon login.
On this page, you can select in the dropdown available to require 2FA for those roles. Natively, 2FA is set up for a 30-day period on roles. To change that reauthentication period, on the right-hand labeled Duration of Trusted Devices, there is a dropdown. This dropdown lets you determine how often 2FA will be used for that specific role.
The functionality here is to move away from SMS/Phone Call verification as Netsuite is removing this option beginning March 1, 2023. This is the first step in setting up 2FA authentication for roles.
Once 2FA has been added, the next steps are to install an Authenticator App on to your phone that is supported by Netsuite. There are a few options to choose from:
Once one of these apps has been downloaded, you will proceed to login into a role with 2FA requirement. Upon logging into a role for the first time with 2FA, you are automatically shown the Security Setup page. This page will allow you to choose between Authenticator App or SMS/Phone Call. You will select the Authenticator App option. After selecting that option, you will hit next. The next page will show you a QR Code which needs to be scanned by the Authenticator App you just downloaded. Open the app and select the camera option available in the app to scan the QR Code. Upon scanning the QR Code, a verification code will appear, typically 6 numbers. You will enter that 6-digit code into the Verification Code field and hit Next.
You are also given a Back Up Codes option in case the Authenticator app is not working for any reason. The option you want to select is the Back Up Codes as SMS/Phone will not be available in the future. The Back Up Code option is a list of 10 codes that can be used only a single time when the app is not working. Be sure to save or print these codes as this will be the only time you see them. After you have saved your Back Up Codes, select Next.
You are now logged into your Netsuite account and will not have to reauthenticate based on the option that was chosen on the Duration of Trusted Device field. Again, natively the option is set to 30 days meaning that 30 days will pass before the system asks for a verification code that can be on the Authentication App. You will not have to rescan the QR Code as the app saves it and shows you a verification code needed to login.
If you are currently using SMS/Phone Call options for 2FA, you can switch to the authentication app.
Switching from your current use of 2FA is similar once you select the authentication app option. The only difference being how you go about resetting your current setup.
This is the leading practice in using 2FA with an Authenticator App. There is also a SuiteAnswer article that goes over the steps above and explains in more detail the different fields, preferences, and options. The Article ID for reference is 9889.
About Us
Concentrus is a complete NetSuite solutions provider that guides organizations through how to use NetSuite to reach highly focused business goals and objectives. We provide NetSuite implementation, developer, integration, and customization services to ensure that you have a long-term solution that is tailored to fit your systems, people, and processes.
Read About Our Implementation Methodology
Want more NetSuite Tips and Tricks? Check out our Short & 'Suite videos