Setting up Multi-Factor Authentication on Tableau Online: Tableau with MFA

0:00Hey, it's Tim here today I'm talking about

0:01multi factor authentication with Tableau

0:03online.

0:04Now today I received a call and an email

0:06from Tableau telling me that I needed to

0:08set up my

0:09multi factor authentication for Tableau

0:11online, because in February Salesforce is

0:13actually going

0:13to enforce this as a requirement for Table

0:16au online. So this is the email that I got,

0:18you can see it up on screen. And it

0:20basically goes through the requirement that

0:22Salesforce

0:22has kicked in, I think this has always been

0:24a requirement for Salesforce. And it's just

0:26basically consistency across the whole

0:28entire Salesforce platform. So we're

0:30getting it here on

0:31Tableau. Now there's some really good

0:33articles. Now what I will say is that if I

0:35get this as an

0:36everyday user, I don't know if all users

0:38are getting out if it's just site admins,

0:40but if I

0:40get this as an everyday user, it's kind of

0:42a bit of a merry go round. Because if I go

0:44to all of

0:44these pages, and you kind of have to go on

0:47this Easter egg hunt to find the right

0:49place to sort

0:49of get the relevant information. But if I

0:51click on this first one, which is about

0:53authentication,

0:54it actually does talk a bit about the multi

0:56factor authentication. And specifically for

0:58Tableau online,

0:59you can see there's this page here. If you

1:02click on that you go to yet another page

1:04which talks

1:04through the different processes. And it

1:06actually talks about multi factor

1:08authentication with

1:09single sign on and multi factor

1:10authentication without single sign on the

1:13version without single

1:14sign on is what I'm going to be covering in

1:16this video. And essentially that version

1:18allows you to

1:19use the Salesforce authenticator app or any

1:21authentication app that supports a standard

1:24basically. And so you can set these up

1:26through a specific method. Now, when I

1:28actually went through

1:29this guide, it walks you through how to set

1:30that up, essentially, you need to be a site

1:32or

1:33server admin in order to do this. But

1:34anyway, in this video, I'm going to go

1:36through the steps by

1:37essentially doing it for myself, I can't

1:39really set up a use case here for an

1:40enterprise because

1:41essentially, I don't have more than three

1:43people on my table online site. And they're

1:46all me

1:46essentially. So I'm just going to go

1:48through this process, at least for myself,

1:49just in case it's

1:50useful for someone else who's trying to go

1:52through this step, understanding what they

1:53need to do.

1:54Let's get stuck in. So I'm over here on

1:56Tableau online, what I need to do is I need

1:58to go over to

1:58the users page. At first, I thought you'd

2:00need to go to the settings page. But for

2:02this one,

2:02you need to go to the users page. And you

2:04arrive at a page which basically has all

2:06your users.

2:07Once you're on the users page, you can do

2:09this one of two ways you can either click

2:10on these three

2:11dots, go to authentication, and you get

2:13this little option. Or you can actually

2:15select these

2:16three people here, essentially, or me go to

2:18actions, go to authentication, you get the

2:20same

2:21option. So you can see that I've

2:22essentially set it up. And it's brought me

2:24back to this homepage,

2:25because essentially, now I need to log in

2:27for my Tableau account. So you'll see here,

2:29I have a

2:29login. Now, in order to do this, I actually

2:31use a two factor authentication app called

2:33Orthi. What

2:34I'm going to do is I'm going to record the

2:36screen, just so that you can see what's

2:37going on on my

2:38iPhone at the same time as what I'm doing

2:40on the screen. So let me just go ahead and

2:42start the

2:43recording so I don't forget. And now that

2:45recording is going, we're pretty much good

2:47to go. So let's

2:48hit sign in. Now my username and password

2:50remain exactly the same. But what it should

2:52do is it

2:52should realize that I haven't set up two

2:54factor authentication before. And it will

2:56take me to this

2:57page to register a verification method. Now

2:59what I can do is I can use the Salesforce

3:01authenticator

3:02app if you're part of the Salesforce

3:04ecosystem, that's a great option, you'd

3:05already have this

3:06maybe. But if you don't want to use that,

3:08maybe you've got another authenticator app

3:10like Google

3:10Authenticator, or in my case Orthi, I'm

3:13going to go ahead and click on this option

3:15here. Now what

3:16you can also do is you can create a

3:17recovery code that's useful in case let's

3:19say your phone gets

3:20lost and you've got no other place to get

3:22an authentication code. I always make sure

3:24I grab

3:24those. But I've clicked on the authentic

3:26ator option here just so we can set this up

3:28first.

3:29I always do this first, then I go grab the

3:31recovery codes. So you can see you get a

3:33little

3:33QR code here. Now I've blurred out the QR

3:35code here because essentially if I show you

3:38this,

3:38you can log in as me as long as you have my

3:40email and password as well. So that kind of

3:42defeats the

3:42point of security. So I've blurred it out

3:44here so you can't see what I'm doing. But

3:46essentially,

3:47all you need to do is point your phone or

3:49whatever at this QR code. And the important

3:53thing is make

3:53sure you have the authenticator app open.

3:55So when I say point your phone at this QR

3:57code,

3:57make sure you're doing it in the authentic

3:59ator app, not just your camera, your camera

4:01won't

4:02necessarily have the authentication

4:03capabilities to handle this. So here I am

4:05in Orthi, I'm just

4:06going to go ahead and click plus. You can

4:08see the QR code option comes up. I'm going

4:10to go ahead and

4:10select the QR code. You'll see that it

4:12finds the QR code and it adds the account

4:14and it gives it

4:14a name. You can see that it says Tableau

4:16Online. It even has an icon which is really

4:19handy. I can

4:19go ahead and hit save and now it's got a

4:21code that's running up on the screen. I can

4:24then use

4:24this code, 656820, enter that in and I can

4:28say connect. And essentially all that's

4:31happening is

4:33the application is making sure that the

4:35code that it's set up in that QR code is

4:37working as expected.

4:39That code chains every few seconds so

4:40essentially it's never going to be the same

4:42, at least for the

4:4430 seconds that it's running. And now when

4:46I go to log in, you can see I'm going back

4:48into the same

4:48Tableau Online site. If I go to sign in you

4:50can see that it might ask me for my two-

4:52factor

4:53authentication code. And so here I can

4:56enter the new one now 639294, hit verify.

5:01We get verified,

5:02it's using the Salesforce Authenticator

5:05verification system there. And now that we

5:07're in,

5:08we're pretty much good to go and we've

5:09logged in. So we've set it up, it's nice

5:11and easy to do

5:12and we are happy. Now what I wanted to do

5:14is get some recovery code. I'd be really

5:17intrigued to see

5:17if there's a way for me to actually go and

5:19get the recovery code. So yes there is an

5:21option. If

5:22you go to user settings and you go into the

5:24setup, there's actually an area here where

5:27you can manage

5:27the multi-factor authentication modes. If I

5:30go ahead and click on that link, I should

5:32get brought

5:32back to this page and you can see here that

5:34I can actually even give this a name. I

5:36always recommend

5:37giving this a name so that you know which

5:39application you're using on your phone

5:41and you can save that. You can add another

5:44authenticator app but sometimes this delet

5:46es

5:46the one that's there because it kind of

5:48defeats the point to have multiple versions

5:50of this. But

5:50what I will do is I will add a recovery

5:52code. So I always do this, I always grab

5:55these, I copy these

5:56and I put this in a secure place in a

5:58password manager or something like that.

6:01Just in case my

6:01phone gets lost and I need another way to

6:03get into the account and I don't have my

6:05two-factor,

6:06this is going to become very handy. I know

6:08it sounds like a very simple thing or very

6:10easy

6:10thing. Oh who's going to lose your phone?

6:12Authy is actually pretty good because it

6:14backs itself

6:15up to the cloud as well. So if you get a

6:16new phone, a new device, you download it,

6:18you put

6:18a password in, you do the authentication

6:21method using your phone or you verify it

6:23with your phone

6:23or email or something like that and then

6:25you're back in and everything's good. It

6:27even works on

6:27an Apple Watch or other devices as well. It

6:29works on Windows, works on iOS, it works

6:31everywhere.

6:32That's why I like it. But it's also good to

6:34capture these recovery codes and save them

6:37elsewhere. So again I've blurred this out

6:38because you shouldn't be able to see this.

6:40Once you're done with that you obviously

6:42get the recovery codes and everything is

6:44good to go.

6:44And now you can go off and pretty much be

6:47done with this. This will send you back to

6:50Tableau

6:50online and you're ready to go. I'm just

6:52going to save my recovery codes off screen

6:54here so you

6:55can't see these. Let me just put these off

6:58screen and let's go into a document here

7:00and I will paste

7:01this in my password manager later after

7:03this video. So that's pretty much it. That

7:05's how to

7:06set up two factor. If you've gone through

7:08this process maybe as an admin has kicked

7:10it off and

7:11enabled it you might see this option again.

7:13It's really important to actually use this

7:15documentation. I think it's handy to sort

7:17of get users over onto this link here. So

7:20you can see

7:20there's an actual page here by Tableau. I

7:22'll put it in the description below that

7:24walks you through

7:25the steps. So this is actually a really

7:26good guide. I'd recommend you maybe just

7:28download this as a

7:29pdf as a standardized thing and you put it

7:31in an faq so users know how to use this.

7:34But it's going

7:34to be really handy for Tableau online. Now

7:36if you've got other single sign-on methods

7:38you might

7:39need to go through some other steps. Maybe

7:41your enterprise has a version or an app

7:43that it likes

7:44to use. Sometimes Microsoft has its own one

7:46as well. So I don't know too much about

7:48server setups

7:49here and SSO in other contexts. I really

7:51only know about Tableau online where you

7:53don't have any other

7:54single sign-on method. So that's what this

7:56video has been about. Thanks for watching

7:58and I'll catch

7:58you in the next video.