Two-Factor Authentication

What is Two-Factor Authentication, or 2FA?

Two-Factor Authentication is the method of using a combination of two types of verification to confirm the identity of a person logging into a secure web-based application, such as Tilma. It's an added layer of security for parishes to ensure the data entrusted to Tilma is safely stored, secure and only accessible by those meant to access it.

How does 2FA work on Tilma?

When activated on a Tilma account, users will use their email address and password as the first stage of authentication. 

The second stage of authentication is to enter the six-digit code sent to the person logging in, using the delivery method chosen on their account. The choices are:

  1. Email – This is the email that is the username for accessing a Tilma account.
  2. SMS (text message) – Only active if a mobile/cell phone number is included in the Profile tab.
  3. Phone call – Only active if a mobile/cell phone number is included in the Profile tab.

"Remembering" Different Devices

Checking the "Remember this computer for 30 days" box will store a cookie locally on the computer or device logging in, so that 2FA is not prompted again on that device for 30 days. This cookie will not apply to any other devices where the same login is used.

For example, if you log in with a laptop computer and check the box, only the laptop will be "remembered" for 30 days. If you were to later log in with a smartphone or tablet, then you would be prompted again to use 2FA.

Admin Accounts

It is strongly encouraged that admins turn on 2FA for additional security of their site and People data. 

Parishioner (or Member) Accounts

Parishioners can opt to either turn on or turn off 2FA.

Authentication Code Expiry

Once a code is sent, it will expire after 10 minutes if not used. The login process will repeat itself and a new code will be sent to the user.

